Bug Reports - Page 85 - Burp Suite User Forum

Burp scan timed out issue

In one application the scanner is not getting the response, while I get proper response in repeater, when the scanner request is taken from logger ++ and re-issued in repeater. The timeout under project options is set to 0...

Collaborator - False positiv

If the remote server do a HTTP request to RANDOMSTRING1.burpcollaborator.tld and the request contains RAMDOMSTING2.burpcollaborator.tld (for example in a POST value), the collaborator will report two HTTP requests as...

Is XPath injection a false positive?

In pen test report using the Burpsuite getting below report: 1. XPath injection 1.1. https://domain.com/api/v2/create_playlist_videos [URL path filename] 1.2. https://domain.com/api/v2/create_playlist_videos [URL path...

Installation not starting

I downloaded Burp Suite Community edition plain JAR file on my kali pi (Pi4 B, Kali 64 bit), I ran it through the terminal, the GUI for the installer started, but then in the terminal, it said, "Could not start Burp:...

Error in lab SQL injection attack

Hello! This lab seems to not work properly: Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft

Burp Suite Enterprise cannot do authenticated scans

Hello Burp, I hope i find you in good health. I would like to present to you a few problems that we encountered while working with Burp Enterprise. In the Web application scan configuration, we use in most...

An error occurred when starting a project with the selected options

Burp receives an error upon loading a specific project project. Upon loading a project (even with 'disable extensions' and 'burp setting defaults') the project window will open while the loading window continues working in...

Burpsuite Enterprise account activation emails with wrong port numbers

Good day all; Ran into an interesting error. Setup Burpsuite Enterprise - Ver: 2021.4.1 (Build 6864) on a fully patched Ubuntu 20.04 LTS. The install comes up on the expected port of 8080 . But when I add new user...

Logger fails to log requests from Authentication Token Obtain and Replace extension

I've noticed that the new integrated Logger fails to log requests from the Authentication Token Obtain and Replace extension (https://portswigger.net/bappstore/51327b097b354243b307b4ed87ba39e). For the logger all options...

Reflected XSS lab not working (The requested item was not found. We apologize for the inconvenience.)

I was trying to access the reflected XSS lab with latest Google Chrome on this URL: https://portswigger.net/web-security/cross-site-scripting/reflected/lab-html-context-nothing-encoded when I clicked on 'Access the...

Open redirection (DOM-based)

I am trying to analyze and understand Open redirection (DOM-based) that has been reported by Burp. It mentions Sink and Source and says:- the application may be vulnerable to DOM-based open redirection. Data is read from...

iOS 14.7 with Burp Proxy Results in "This Connection Is Not Private"

Hello, I hope your day is well. I am trying to configure a proxy on my iOS device. Setup: Burp Suite Community running on my Mac Proxy is on and configured on my iOS device http://burp works CA Cert is installed and...

"To run burpsuite using java 16 or above , use the JVM argument --illegal-acces=permit"

Though i have tried with the argument burpsuite is not starting Description of my operating system Os - Arch linux [Black arch linux] Java - Java 16, Java 11, Java 8 my Java 16 is my default java --version Burpsuite...

CSRF Lab Not Found

Hello world, I've was going through the labs this morning and I wanted to do some CSRF but I noticed that the URL is broken. It says: [Not Found, The requested item was not found. We apologize for the...

XSS exploit server problem while using academy

Hello, i have being trying for couple of hours to solve the second and third lab for 'cross site scripting' in the academy. I open the expliot server paste the required query but when i click 'store' and then 'Deliver...

Client Failed to negotiate a TLS Connection

Hello, im using Burp for intercept some packet send from android to google.com I installed burp cert in system cert. But when i use burp and start to intercept some packet. it return with some error like: "Client failed...

Burp Collaborator No Connections

Hi,excuse me. When I use the Burp Collaborator with the default Collaborator server. The health check shows: Server address resolution Success Server HTTP connection Warning Server HTTPS connection (trust...

Burp Collaborator No connections