Bug Reports - Page 59 - Burp Suite User Forum

Lab: Exploiting XSS to perform CSRF

Hi, so first i checked out how the normal request is send when we are about to change the users email and i found out that the given email parameter value is URL encoded (@=%40). POST /my-account/change-email...

Burp Suite Community Edition: Authentication with no password input but manage to access.

It is annoying trying to input password every time when opening the intercept browser. However there are 2 problems encountered. First is the error that stated my password was incorrect, but I swear it is correct, or...

Burp Suite Browser doesn't trust DigiCert Certificate

Our DigiCert Certificate works fine in the 'real world', but the Burp Suite Browser says it's not secure: "This CA Root certificate is not trusted. To enable trust, install this certificate in the Trusted Root Certification...

Burp Crash after open any project file

Dear Team, This week, I encountered the problem of that Burp crash when I open any project file (even a temporary one). You can see the video for the...

Collaborator

Hello, Collaborator of the Burp application is not working. Screen: https://i.ibb.co/rHDGWZv/collaborator.png

Burp crashes with SIGSEGV, tested with multiple Java versions

Since this week, Burp crashes on irregular but short intervals. Completing any intruder attack is hardly possible, but the crashes do not require intruder. At some points, they occur on the loading screen, even with...

Browser Will Not Open

Recently I've encountered an issue where my browser will not open, and I get the following error message: net.portswigger.devtools.client.a9: Unable to start browser: [0707/014003.432116:FATAL:v8_initializer.cc(423)] Error...

Not able to Login

Hi Team, I am not able to login with below credentials which are provided in Clickjacking module. You can log in to your own account using the following credentials:...

Why is the default login euphemism-for-penis:euphemism-for-penis and why do we keep committing hate crimes toward poor Carlos?

title

Malicious

I never accepted this and it's on 10 of my phones, tablets , watches. Whatever it is can someone help?

Web Security Academy Lab Bug

Note: This is the reposting of the request that I accidentally add-in "How do I?" Section Hello, I'm doing Web Security Academy Lab.`Exploiting HTTP request smuggling to capture other users' requests`. But I think...

No more activations allowed for this license

hello, I got several problems with my vm so i had to reinstall. When I try to load the key i got the message "No more activations allowed for this license" any fix?

the insert caret shows up even when text is selected

hi. i'm reporting on behalf of users of Burp. when text is selected, the insert caret style is still showing up. this is confusing for people, and not standard. is there a way to stop this behavior? thanks.

username and password word list for pen tester exam do not work

Login unsuccessful when using the usernames and passwords word lists provided by portswigger for the pen tester exam. So, I used cluster bomb in burp intruder with the username and password list provided for the exam. ...

Having trouble accessing the two Blind SSRF labs

I am unable to access "Blind SSRF with out-of-band detection" and "Blind SSRF with Shellshock exploitation" labs. After i click the "Access the lab" button, it is loading for a couple of minutes (two to three) and redirects...

Copy/Past Not Working

Hello, I have Burp Pro (Version 2022.5.2) on my MacOS Version 12.4. Copy-Paste don't work in HTTP History (Filter By search term) and Repeater (Search bar). Regards. Chris

Burp crawler not finding endpoint on api sites

When crawl scanning APIs with Burp crawler it cannot find any endpoint. for instance If I select the https://api.example.com from the target sitemap and scan crawl it. Then it will find no endpoints.

Issue with Lab(H2.CL request smuggling) from Web Security Academy

I have followed all the steps mentioned in the instructions. However, the lab still remain unsolved. I suspect something is wrong with the lab or there might be some mistake in the instructions. I have done a screen...

net.portwsigger.devtools.client.at: Unable to start browser

Chromium browser in proxy tab of burp suite professional will not start. Popup message says: "net.portwsigger.devtools.client.at: Unable to start browser"

Unattended installation is not "unattended"

OS: Ubuntu 20.04 1. Downloaded latest burpsuite_enterprise_linux_v2022_5.sh 2. Copied "response.varfile" file from you documentation page:...