Bug Reports - Page 78 - Burp Suite User Forum

complete proxy failure due to Java TLS bug

I am getting this proxy error: 1614964526020 Error Proxy [22] The client failed to negotiate a TLS connection to xxx.com:443: Insufficient buffer remaining for AEAD cipher fragment (2). Needs to be more than tag size...

Site does not work with Burp

Hi, I have site that doesn't work with burp Im using the last version of burp. without burp the site work perfect. I try to activate the burp on a specific request and that also not help to solve the problem. The java...

Academy lab "Blind SQL injection with conditional responses" times out

This lab cannot be completed with a community edition of Burp Suite as it stands today. Due to the limit of just one thread when using the intruder function, the sheer number of SQLi requests that have to be sent and...

Burp Enteprise - Error Dispatching scan to Agent

We are getting Unable to dispatch requests to agents while trying to perform BURP Scan via api in the enterprise edition. It could able to perform scans via API earlier. Not sure if this is because of update. The automatic...

GraphQL Scan Query Issues return null values

I'm trying to grab scan results and include issue information. However, any details about the issue which explain what was found come back null, including description_html, evidence, remediation_html. I've tried for multiple...

"Send to Repeater" from an intruder saved attack

Hello, it is not possible to send to repeater the payload of an intruder saved attack. The buffer sent corresponds to the data of the current main "payload positions" window. Thanks in advanced. BurpsuitePro...

Burp 2020.9.1 crashes when sending certain characters in repeater

When POSTing a login request (does not seem to matter if the body is JSON or HTTP post form etc.) the entire application crashes if an dollar($) symbol is in a parameter name in the body of the request. Found when testing...

Inspector "Apply changes" button does not appear when copy/pasting

I have the following problem when pasting content in Inspector within Repeater, please reproduce as follows: 1) Edit an HTTP POST request with an URL-encoded body parameter 2) Editing a single character in the "Decoded...

Enterprise - Scan configuration deletion of active config causes an inoperable site

If you delete a scan configuration that is currently associated with a site and a scan is running for that site, then cancel the scan, you can no longer edit the site to change the configurations. I am getting this...

ViewState Parser not parsing

I thought I was going mad, but it appears the ViewState parser is not fully functional in v2020.4.1. I can see a __VIEWSTATE cookie but it is never parsed. Similarly, .NET Beautifier doesn't register the cookie and make...

Viewstate decoded tab is gone

Hi, the tab who shows the decoded ViewState and says if Mac is enabled or not is gone. I'm using Professional / Community 2020.4.1 Happens in Mac Os and linux

2020.4.1 Missing ViewState Tab in Request

When viewing a request with a ViewState, previous versions would provide a ViewState tab to display the decoded information in tree view or would show that it was encrypted. As of 2020.4.1, this tab no longer shows. I...

Traffic generated on my android mobile device is not being reflected on Burp Suite

I’m want to use Burp to test our new mobile app. I followed the instructions given in the documentation....

Accessing Labs in PortSwigger Academy

I am trying to work through the labs available in PortSwigger Academy. I was able to work through some of them, but now for some reason whenever I try to launch a new one, the platform fails with an error page.

Problems with Crawler browser

Hi, good afternoon, I have been trying to test the latest crawler functionality and scan with the browser that has burp suite but I have had a problem when I crawl without the browser, it adds all the content to my sitemap...

"CSRF with broken Referer validation" not marking as solved

Hi, I've constructed an exploit that successfully changes the email address of my account, but the lab is not getting marked as solved. Is this a known issue?

Load user options with vpn connection freeze the Burp

If I have vpn connection and I try to load user options the Burp freeze and I have to restart everything. Everything works fine if I first load user options and then start up vpn connection.

Is there any option to output bug report in Japanese language

Hi, I would like to know whether there is an option to output the burpsuite report in Japanese language

Confidential/sensitive information accessible for non-legitimate users

Hello, During a POC we are running using BurpSuite Enterprise web application scanner, we encountered an issue (not much a bug, but more a security weakness) : as it is possible to provide credentials for authenticated...

Burp Suite 2021.2.1 Application Screen Tearing

Hi Agent Support, Encountering Application Tear on actual "Main Windows Machine". https://i.imgur.com/7dFFP1X.png https://i.imgur.com/0ipZ93D.png However when i switched over to "my VM Windows / VM Kali" that is...