Burp Suite User Forum

Login to post

Cannot record all connection log

I often use burp in my work. When I needed to investigate my log files, I found some connection is not included the log files. Regarding the log files, what are the communication does not remain in the log? If there is...

Last updated: Jun 13, 2016 01:54PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Fails to capture Location HTTP header field

Hi, I am using Burp v1.7.03 and it appears burp is not capturing the redirection requests from a 302 (found) contained in a response; were the HTTP header field contains a valid ‘Location: https://xxxx.xxxx.com’ value. I...

Last updated: Jun 13, 2016 01:39PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Javax.net.ssl SSLException Bad_record_mac errors

I am using Burp v1.7.03 and I am seeing in the alerts tab Javax.net.ssl SSLException Bad_record_mac errors I am using a windows system with java version "1.8.0_77" Java(TM) SE Runtime Environment (build...

Last updated: Jun 10, 2016 10:23AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Repeater numbering 'restarts' after resuming project

Hi, I'm using Burp Suite Professional v1.7.03. When resuming a saved *project* (those files get big!), it seems like the numbering of Repeater tabs is off. When you have e.g. 50 tabs open, it resumes with say 45, so there...

Last updated: Jun 09, 2016 01:42PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Impossible to use burp.

Burp Team, here is what's going on. I've just downloaded the Burp Suite Professional v1.7.03. When running it, a new window related to the new "project" feature opens. Whatever i select there, a temporary project,...

Last updated: Jun 09, 2016 08:00AM UTC | 4 Agent replies | 5 Community replies | Bug Reports

Burp 1.7.03 fatal error core dumped

Hello, I am not able to run burpsuite pro 1.7.03 at my Linux machine. It crashes after I choose to create a new project and choosing "Use Burp Defaults" and pressing "Start Burp". This is my java version: # java...

Last updated: Jun 06, 2016 09:23AM UTC | 5 Agent replies | 5 Community replies | Bug Reports

Scanner "X-Forwarded-For dependent response" check alters Content-Type?

I'm seeing behavior from the active scan check for "X-Forwarded-For dependent response" that changes the effect of the request and seems likely to produce false positives. When the scanner sends the request with the...

Last updated: Jun 01, 2016 08:25AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Proxy passwords are saved in the clear in config files

This affects both project and user JSON config files. At minimum, documentation warning of this would be good. Better yet, add an option to encrypt or not include them, like the save state file wizard has. If that's too much...

Last updated: May 27, 2016 08:27AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Loading configuration file on start doesn't

With version 1.7.03, using a temporary project or an existing project,then selecting a saved configuration file doesn't load the configuration setting from that file. Specifically the upstream and SOCKS proxy settings always...

Last updated: May 27, 2016 08:26AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

GUI hanging on Windows 8.1 64-bit?

Hola, I've just set up a new install of Windows 8.1 64-bit (fully patched) with the latest (AFAIK) versions of Java and Burpsuite (running as "java -jar -Xmx4096m burpsuite_pro_v1.6.14.jar" from a command prompt with...

Last updated: May 25, 2016 05:03PM UTC | 2 Agent replies | 2 Community replies | Bug Reports

Unclickable on Proxy Listeners

I am Using Pro version of Burp Suite, I am unable to put check on Proxy Listeners. Please fix this issue.

Last updated: May 23, 2016 12:32PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Cannot actively scan a single URL

I have a URL which is indicating a CSRF issue. When I attempt to select the URL and perform an active scan of the branch, I receive the following messages from the command window: D:\Tools>java -jar -Xmx2G...

Last updated: May 23, 2016 07:58AM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Burp hangs upon saved state file overwrite.

Burp in version 1.7.02beta hangs indefinitely on an attempt to save a state in the existing file (overwrite). The whole UI starts to behave erratically and burp cannot be exited otherwise than being killed.

Last updated: May 12, 2016 02:41PM UTC | 3 Agent replies | 2 Community replies | Bug Reports

cross site scripting issue detail (typo)

Using BurpSuite Pro 1.6.39. Scanner found an XSS and gave it "Informational" severity, so I read the "Issue Detail" a little more closely than usual (because why "informational"?) The Detail contains two nearly identical...

Last updated: May 12, 2016 02:40PM UTC | 2 Agent replies | 0 Community replies | Bug Reports

Failed to create project file within shared folder on Virtualbox

Hi I'm not able to create a new project when I specify that the location of the project file is within a shared folder on a Kali VM on Virtualbox. Specifying another 'local', location the creation of the project file...

Last updated: May 09, 2016 01:37PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Issue with Burp Collaborator

Hi, We have a licensed version of Burp suite running and the license is issued to Cisco Systems India Pvt Ltd. We have been running Burp suite on our application and wanted to report an issue that we have been...

Last updated: May 05, 2016 09:24AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Scanner - Live Scanning

Hi There, I am using Burp Suite Professional v1.7.02 beta. There is a very issue in Live Scanning. Every time I select option Don't Scan in Live Passive Scanning and close the Burp Suite. Whenever I start Burp Suite...

Last updated: May 04, 2016 10:50AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Clear text password box in proxy certificate p12 settings

Hello, the possibility to use a PKCS#12 keystore in the proxy certificate options saved our bottoms today in a SoapUI/Ready! API environment, so thanks for that first. [for other poor souls in the same situation: If...

Last updated: Apr 27, 2016 07:46AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Error resolving "/burp/show/1" when non-default proxy port is used.

I am having issues with the "Test in browser" functionality from CSRF PoC and "Show response in browser" functionality from proxy. Both of these seem to work fine with the default configuration of Burp set to listen on...

Last updated: Apr 26, 2016 04:41AM UTC | 1 Agent replies | 2 Community replies | Bug Reports

AMF Deserialization

When an AMF response body contains a custom object, BURP can't seem to properly deserialize the body and return a "data - null" instead of the proper object. For the same request/response, Charles proxy seem to be able to...

Last updated: Apr 20, 2016 07:55AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Page 74 of 81

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image