Burp Suite User Forum

Login to post

"Response received" column disappears when "Grep Extract" is used

In Intruder results: - display non-default column "Response received" - add a column based on "Grep - Extract" - the "Response received" column disappeared Not a big deal...

Last updated: Jul 28, 2017 10:47AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

NTLMv2 Proxy Auth not working

Hi, I'm trying to use burp proxy with a corporate proxy that requires NTLMv2, however it doesn't seem to be working. IE, Firefox and Chrome are working fine with it, but burp throws an error saying "Failed to connect to...

Last updated: Jul 24, 2017 08:54AM UTC | 2 Agent replies | 0 Community replies | Bug Reports

Redirects to IPv6 IP addresses are not detected

When a website redirects to an IPv6 address (between square brackets), Repeater will not detect the redirect: - the "Follow redirection" button doesn't appear - the "Repeater / Follow redirections / Always" option isn't...

Last updated: Jul 19, 2017 08:53AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

SEP quarantined gtc.class in 1.7.23.jar

Symantec Endpoint Protection is performing a scan on my machine where I have Burp Suite Pro 1.7.23.jar and it has quarantined burp/gtc.class. What type of issues is this going to cause with the functionality of Burp?

Last updated: Jul 13, 2017 07:22AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

CA CERT

I'm installing the cert in IE and still unable to pull up HTTPS sites..

Last updated: Jul 12, 2017 07:46AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Performance dropped in latest version of BurpSuite? (MacOS)

Hi! Since the latest version of BurpSuite (1.7.22) I noticed quite some drop in performance on MacOS. I mainly use FireFox (also latest version) to browse. I often see that pages are loaded really slow (or don't load at...

Last updated: Jul 11, 2017 10:25AM UTC | 5 Agent replies | 7 Community replies | Bug Reports

missing "Unencrypted communications"

I perfectly understand the issue "Unencrypted communications" but I'm not sure how deterministic Burp is reporting this issue. What are the requirements for Burp to report this? I have done a lot of testing and the...

Last updated: Jul 10, 2017 03:56PM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Smart Card not working over Remote Desktop

We use ActivClient on our local and remote machines for Smart Card authentication. This works fine with IE and Firefox, both local and remote. When Burp is run on the remote machine, it accepts the pin code and appears to...

Last updated: Jul 08, 2017 05:19AM UTC | 1 Agent replies | 2 Community replies | Bug Reports

Fix gray autocomplete orphan dialogs

When working on Kali 2.0 and maybe others, Burp Suite tries to autocomplete previously used input. This generates an empty grey window that, sometimes, remains open and it's added to the list of open windows. Closing this...

Last updated: Jun 30, 2017 11:03AM UTC | 6 Agent replies | 6 Community replies | Bug Reports

CLI option "--help" doesn't work on Windows

Hello, on Windows x64 + Oracle v1.8.0_112 (from installation bundle), the "BurpSuitePro.exe" binary doesn't print the Help menu when called with "--help" (it just stops after a few seconds). However, other options like...

Last updated: Jun 29, 2017 11:15AM UTC | 1 Agent replies | 2 Community replies | Bug Reports

OS Command Injection FP?

Hi all, Burp active scan has found potential OS Command Injection using nslookup as the example. I'm unable to replicate this and the IP that burp collaborator shows is from google rather than the server of which the...

Last updated: Jun 27, 2017 07:43AM UTC | 3 Agent replies | 2 Community replies | Bug Reports

removeParameter API outputs incorrect request when removing the last Cookie

There is an API to remove a parameter from a given request in IExtensionHelpers interface (https://portswigger.net/burp/extender/api/burp/IExtensionHelpers.html#removeParameter(byte[],%20burp.IParameter)). I use this API in...

Last updated: Jun 23, 2017 07:50AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp stops accepting keyboard input

I am having an issue identical to this one: https://support.portswigger.net/customer/portal/questions/11672133-unable-to-type-anything-on-any-field . The same issue affects OS X 10.12.5 with Java 8 Update 131. This is...

Last updated: Jun 15, 2017 07:19AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp does not process cookies when initializing Intruder

I am using a site which has multiple redirects after submitting a form. After the initial POST request, Burp does not use cookies on subsequent requests. Behavior from the browser: POST request sent with cookies => 302...

Last updated: Jun 09, 2017 09:10AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

https:// sites not loading

Https sites are not loading when interception on.CA certificates are already instslled.i recently updated burp to 1.7 version but no luck.but i can still acess to http://burp ..im using java version 1.8 on my kali linux pc...

Last updated: Jun 02, 2017 10:10AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Save State Bug Report

I was trying to save the state of a project and received this error. burp.rmc at burp.d7g.a(Unknown Source) at burp.ung.a(Unknown Source) at burp.wng.a(Unknown Source) at burp.p2d.a(Unknown Source) at...

Last updated: Jun 02, 2017 09:53AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Strict transport security not enforced without request/response

The Strict transport security not enforced issues do not show a request/response. This does not make any sense, there was at least one response that had no HSTS header for Burp to show that issue, so it makes sense to report...

Last updated: May 31, 2017 01:02PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

security testing

Hi Team, Can you please tell me how to test URL for finding issues like iframe , cross scripting, SSL, cookie vulnerability, HTTPonly & secure. Thanks

Last updated: May 30, 2017 08:39AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

BUG

CO2 DOWNLAD AND EROR BrupSuite

Last updated: May 30, 2017 08:37AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

SSL SNI not used with upstream proxy

Hello, SSL SNI works properly on regular connections but not on connections through upstream http proxy. After getting Handshake_Failure alerts when using an upstream http proxy I've confirmed that the "Server_Name"...

Last updated: May 26, 2017 12:53PM UTC | 2 Agent replies | 3 Community replies | Bug Reports

Page 79 of 92

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image