Bug Reports - Page 58 - Burp Suite User Forum

Exploiting cross-site scripting to steal cookies lab

This lab isn`t sending me any cookie session besides mine. And if I send the lab link to someone else, it sends their cookie session.

An error occurred. We apologise for the inconvenience.

An error occurred. We apologise for the inconvenience. I've been dealing with this bug for a few days now that won't let me finish completing the labs.

Labs not spawning

While trying to work on the exercise labs several would not spawn and return Error. This is one example of a lab that will not spin up. ...

An error occurred. We apologise for the inconvenience. + Lab doesn't show solved

I am currently not able to start labs properly, i get the result: An error occurred. We apologise for the inconvenience. After multiple tries, the Lab: Blind SQL injection with out-of-band interaction finally...

Unexpected behaviour of the audited application when using Vaadin

I have tried to use several browsers to audit the platform but I always run into the same problem. In case the browser proxy is configured to work with Burp the application does not behave as expected. For example for the...

There is no column option after intruder attack - Community edition V2022.7.1 on macbook

Hello First of all congrat, your learning program is fantastic. I like it so much. :) I have a little problem. I learn the time delay sql injection, and on my installed burp siute something is wrong. I dont have coloums...

Target -> Site map -> In-scope items

Hello, There used to be an indicator which target URLs are in scope, in the site map. But There is no visible indicator anymore in the latest version v2022.6.1. Can you please bring that back? I can't rightclick dozens of...

Portswigger SQL Injection Labs are down

Portswigger SQL Injection Labs are down. I get an error page. Are you performing updates?

Not able to access labs

Hi, its been almost two days now that I am not able to access any of the labs at port swigger. Its shows and error message always. Kindly look into this matter.

SSTI labs not completing.

Hi I have been unable to complete the labs in Server Side Template Injection topic on the Academy learning path as the injections are no longer working. For instance, in the lab 'Basic server-side template injection (code...

Certificate

Burp giving me a not valid certificate for some reason my browser starts screaming at me for that and not letting me on the website I tried changing the date and time on windows but then widows start throwing me errors and...

unable to run installer for burp suite

Trying to download burp suite, and can't even get the installer to run ┌──(root㉿kali-raspberry-pi)-[~/Downloads] └─# sudo ./burpsuite_community_linux_v2022_7.sh Unpacking JRE ... Starting Installer...

Decoder - Hash dropdown entries broken

Hello, The Hash dropdown in Decoder doesn't show the actual Hash names, but only random numbers. Version: v2022.6.1 I have the exact same issue in community edition 2022.6.1.

Burp doesn't load any page

Hi, I have a problem with Burp Suite, I want to use it on navigator (with the certificate) but whatever I do, the page doesn't load. So I tried the default chromium from Burp but still doesn't work. Please help me, I...

Corrupt Burp Projects

So recently I've been getting a lot of corrupt Burp project files, basically the last maybe couple of releases with the Plain Java version on macOS. It is causing a lot of disruption as it is loosing a lot of testing data...

Scan Freezes at Active Phase 1

Hello, I'm having an issue with the scan functionality on Burp Suite Professional v2020.2.1. The same exact request works with no issues on one of the earlier versions of Burp Suite Professional's scanner, v1.7.37. This...

Basic clickjacking with CSRF token protection

Hello Support Team on the lab "Basic clickjacking with CSRF token protection" the user name and password "wiener:peter" does not work what should i do??

Web security academy lab

Lab: DOM XSS in document.write sink using source location.search inside a select element. In this lab the inspect (Q) is not working means, the storedID where mentioned and selected after putting the string in...

problem trusting a secured connection to https://perfdata.portswigger.net//feedback/submit

BurpSuite Enterprise has been intermittently, about 4 times a day, sending out a email notification of an error/warning which I can't figure out by looking at the logs why? I can't find anything in the forums and any help...

Lab: Using PHAR deserialization to deploy a custom gadget chain

I think that the solution of this lab is wrong in item number 4 [Notice that the file_exists() filesystem method is called on the lockFilePath attribute]. In my opinion, its chain will implement the following flow:...