Burp Suite User Forum

Login to post

Error importing certificate in chrome -The Private Key for this Client Certificate is missing or invalid

I am having problems with chrome importing the burpsuite certificate I am getting this error: Certificate Import Error The Private Key for this Client Certificate is missing or invalid This only happens to me after a...

Last updated: Jun 12, 2022 03:15PM UTC | 1 Agent replies | 2 Community replies | Bug Reports

Error in first lab task

I keep getting the response "Missing parameter" when uploading a file. It does not seem to matter if the file is .jpg or .php I have tried through Burp and simply directly.... Am I doing something wrong?

Last updated: Jun 10, 2022 08:21AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Labs: Web cache poisoning not solved

I can successfully exploit myself but non of the labs get marked as solved. I've tried the first three web cache poisoning labs.

Last updated: Jun 09, 2022 09:07AM UTC | 5 Agent replies | 7 Community replies | Bug Reports

Lab: Web cache poisoning via ambiguous requests broken

Hi No matter what I do inside Repeater, the site always answers with 'Age: 0' and 'X-Cache: miss' which means I cant poison the target. I also tried removing 'Cache-Control' from the request. (no luck) When sending the...

Last updated: Jun 09, 2022 09:03AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Client Failed to negotiate a TLS Connection to respective application

Hello BurpSuite Support, When I was trying to test a web application using Burp Suite 2.1.07 it is showing with an error Client failed to negotiate a TLS Connection to www.xxxxxxx.com: Received fatal...

Last updated: Jun 09, 2022 06:47AM UTC | 8 Agent replies | 10 Community replies | Bug Reports

HTTP Request Smuggling TE.CL not work on Burp v2022.3.9 on Windows

Hi Support team, When trying to resolve lab "basic-te-cl". I found that instead I already unchecked at Update Content-Length for Repeater but after sent out the payload exactly the same as the solution, I still can not...

Last updated: Jun 08, 2022 09:24AM UTC | 1 Agent replies | 2 Community replies | Bug Reports

No more activations allowed for this license

Hi Team, While installing the license getting error "No more activation allowed for this license". Could you please help. Regards Ankit Gurjargour

Last updated: Jun 08, 2022 07:58AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Failed to update BApp list

I have just downloaded and installed burp pro, activated it and tried to install some extensions. I have changed no other settings. The BApp store is empty with an error in the bottom right corner 'failed to update BApp...

Last updated: Jun 07, 2022 01:43PM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Bug on "Lab: Username enumeration via account lock"

Hello, I tried every way to solve the lab but I couldn't get any results. I think there is something wrong with some labs. I faced the same problem before. Should i send email to support's mail?

Last updated: Jun 07, 2022 07:20AM UTC | 3 Agent replies | 3 Community replies | Bug Reports

Turbo Intruder does not send requests

Hi, just doing the LAB: Web shell upload via race condition but everytime i start the Attack with Turbo intruder, it sends no requests but puts them in Queued. Here's my code: def queueRequests(target, wordlists): ...

Last updated: Jun 06, 2022 04:05PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

solved lab is showing not solved

i've succesfully sovled the lab Method-based access control can be circumvented but it shows that i dint solve it when i am redirected to the homepage

Last updated: Jun 06, 2022 10:34AM UTC | 12 Agent replies | 39 Community replies | Bug Reports

Embedded browser use 100% CPU on Linux

Hi, I'm using Burp on Linux with .sh installer version 2022.3.9. First I couldn't start the embedded browser because of the sandbox error so I ran: find .BurpSuite -name chrome-sandbox -exec chown root:root {} \; -exec...

Last updated: Jun 06, 2022 09:22AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Match-and-replace rule for request 1st line seems broken

Hi guys, The match-and-replace rule for request 1st line doesn't seem to work with the lastest early adopter Burp Pro (2022-5.13348). I created a few rules to disable WebSockets upgrade, and one of them is to replace...

Last updated: Jun 02, 2022 02:43PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp Intruder inaccurate received and completed response time

In Intruder, in order to execute blind sql injection, I selected the Received time from the columns menu in intruder attack window. While executing the attack, I noticed that the response times are not correct after the...

Last updated: Jun 02, 2022 09:30AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

Web cache poisoning via ambiguous requests

Currently the lab can't be completed since _lab and session cookies have the Httponly flag when the lab is first loaded. The alert(document.cookie) will never fire correctly.

Last updated: Jun 01, 2022 12:58PM UTC | 2 Agent replies | 3 Community replies | Bug Reports

Failed to connect to sitename.net:443 - Only AWS Sites

I'm running the latest version of Burp Pro and FireFox. I have the certificate installed correctly. I'm not going through a corporate proxy when I test. Just figured I'd get that info out of the way now. We are...

Last updated: Jun 01, 2022 05:48AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Section Symbols are appearing in images which breaks Intruder

Section Symbols '§' are appearing in any images (jpg, gif, png, etc.) when retrieved in GET requests or posted in POST, if sent to Intruder it corrupts the image because it strips those characters.

Last updated: May 31, 2022 10:50AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Bug in "CORS vulnerability with internal network pivot attack"?

Login form on the lab (/login endpoint) returns 500 error during logging attempt from main page (but looks like /login works from victim's browser). For me it looks a bit of insane to find Blind XSS in non-working login...

Last updated: May 31, 2022 09:14AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Portswigger Labs not working

Hi your portswigger labs are not working for unknown reasons I tried it with multiple browsers and networks. Getting an error message. Please Solve it soon. For instance try to open this one...

Last updated: May 30, 2022 01:47PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Web Security Academy Lab Access Error

Hi, I'm having issues in accessing Web Security Lab. When I click on Access Lab button its shows error. Kindly help me to resolve this issue. Thanks and Regards

Last updated: May 30, 2022 12:56PM UTC | 2 Agent replies | 5 Community replies | Bug Reports

Page 6 of 107

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image