Burp Suite User Forum

Login to post

Burp Project looses data

I used burp 1.7.10 for a whole day without problems. I created a new project and at the end of the day i just closed burp without any errors or problems. The 2nd day i opened the same project and everything was fine, no...

Last updated: Nov 14, 2016 09:29AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

XSS False positive

I have some reflected XSS reported as high+certain when actually there's no vulnerability. There is a specific header (anti Csrf) which is added by some js on page. Since a request from another domain won't be able to add...

Last updated: Nov 09, 2016 09:32AM UTC | 1 Agent replies | 1 Community replies | Bug Reports

negotiate authentication trouble

i'm used Burp Suite Professional last V i try to login website with negotiate authentication Burp Suite don't accept negotiate authentication how can i fix that ??

Last updated: Nov 03, 2016 11:08AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Target of CONNECT Sends Data First, Data not seen by Client; Expected?

Four scenarios: 1) Client -> Target 2) Client -> Squid -> Target 3) Client -> Burp Proxy (CONNECT) -> Target 4) Client -> Burp -> Squid -> Target * The underlying communications between the client and target in not...

Last updated: Nov 01, 2016 05:05PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Burp Suite 1.7.08 Infected/Backdoored?

burpsuite_pro_v1.7.08.jar MD5: eb98fc4432cff3e288afd2bd2b6b3661 SHA256:...

Last updated: Oct 31, 2016 08:51AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

GUI display issue

Hi, I cant see some of burp text on it's menus, it happens when I change screen or click on something. I'm on VMWare 11 windows 10 java 1.7.0_80-b15. picture of the problem:...

Last updated: Oct 21, 2016 03:08PM UTC | 3 Agent replies | 2 Community replies | Bug Reports

SSL peer shut down incorrectly / WebSockets not upgrading

TL;DR - The default setting for 'Set "Connection close" on incoming requests', introduced in v1.6.32 should be disabled by default because it seems to break websockets. I had an issue that took me quite a while to figure...

Last updated: Oct 18, 2016 12:48PM UTC | 2 Agent replies | 2 Community replies | Bug Reports

processProxyMessage doesn't take changes from processHttpMessage into account

Hey guys, I am not sure if this is a bug or intended behavior but I wanted to let you know anyway. At work I recently made a small plugin that simply adds a custom header to outgoing requests by overriding...

Last updated: Sep 28, 2016 07:57AM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Send to Decoder character limit

Hi there Any reason Send to Decoder only transfers the first 10,000 characters? When I copy and paste, the whole lot comes over - granted, that's a different buffer, but given that Send to Repeater handles larger blocks,...

Last updated: Sep 27, 2016 02:18PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

buggy double click auto selection in response

bellow is response: HTTP/1.1 200 OK Server: openresty Date: Wed, 14 Sep 2016 04:28:37 GMT Content-Type: text/html Connection: keep-alive Vary: Accept-Encoding X-Powered-By: PHP/5.4.11 Content-Length:...

Last updated: Sep 23, 2016 09:11AM UTC | 2 Agent replies | 0 Community replies | Bug Reports

Collaborator polling ssl root cert

Stood up a private collab server and everything seems to be running as expected. Looking at the polling server on 9443 however I get a cert error warning. Same cert is used for 443 and there's no warning. Not sure if I...

Last updated: Sep 15, 2016 08:41AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Intruder: Make it easier to retrieve long payloads from attack results

If a payload is quite long (when using, for example, the Bit Flipper payload on a long session token), it's truncated in the displayed results grid when the column is expanded. This isn't great, but it's livable if the whole...

Last updated: Sep 14, 2016 01:14PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp Scanner does not recognize Open Redirect

Burp Scanner does not recognize Open Redirect: When checking the raw scanner requests/responses with Logger++ I spotted the following Open Redirect situation that was not recognized/reported by the...

Last updated: Sep 09, 2016 12:03PM UTC | 2 Agent replies | 2 Community replies | Bug Reports

Unable to Repeat a Saved Attack

I am using Burp Suite Pro 1.7.06 with Java version 1.8.0_102 on Windows 10. I am able to open saved attacks via the "Intruder" > "Open Saved Attack" menu, but when I then select "Attack" > "Repeat" in the resulting pop-up...

Last updated: Sep 09, 2016 08:17AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp fails loading CSS, responds extremely sluggish, CPU up to 100%

Hi, I am using Burp on a Mac Book Pro (End 2013, 16 GB Ram) latest version (1.7.05). Burp has come to a point, that I can hardly use it for my day to day work: When doing an application test with Burp and Firefox (most...

Last updated: Sep 07, 2016 12:31PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Match-Replace Doesn't Work With External js Files

Hi, I'm not sure that this phenomenon is a bug or is an intentional "feature" and I've searched support and the community, but... I set up a series of rather heavy-handed filters, using "Match and Replace" - 4 to be...

Last updated: Sep 05, 2016 01:22PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp/Repeater decodes payload incorrectly

I am trying to send different payloads with Burp repeater, but found some characters to result in unwanted behavior of the repeater functionality. Details: I am sending the following character as a repeater payload...

Last updated: Sep 01, 2016 12:55PM UTC | 2 Agent replies | 2 Community replies | Bug Reports

SQLiPy plugin, no start button for sqlmap tab

OS: Kali Linux 2.0 Software versions installed: jython 2.7.0 Burpsuite 1.7.04 Java 1.7.0_79 SQLiPy 0.5.0 Issue: When trying to use the SQLmap plugin for Burpsuite with the above installations the "start" button...

Last updated: Sep 01, 2016 08:46AM UTC | 2 Agent replies | 3 Community replies | Bug Reports

Can't import Burp Project options after save

Hello, I try to import project options in "wizard" when burp is starting, but I can't. I always get message "Not a valid Burp file". But when I open Burp and click on menu and import again file - then this file is...

Last updated: Aug 24, 2016 02:26PM UTC | 4 Agent replies | 4 Community replies | Bug Reports

Failed to create Burp project: IndexOutOfBoundsException

I was working on a burp project the past 24 hours and today my computer crashed. When I went to load the project again after recovering my machine I am now getting an error. Failed to create Burp project:...

Last updated: Aug 11, 2016 03:15PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Page 83 of 92

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image