Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Lab issue: Exploiting cross-site scripting to steal cookies

Hello! I am trying to solve one of your labs - https://portswigger.net/web-security/cross-site-scripting/exploiting/lab-stealing-cookies. I had thought that something wrong with me, so I have read the solution, but I also...

Last updated: Nov 15, 2020 09:40AM UTC | 0 Agent replies | 1 Community replies | Bug Reports

error: timed out waiting for the condition on jobs/bsee-database-migration - Database migrations failed

I've installed the arm template of Azure with the Enterprise Edition 2020.10.1 Deployment has completed success. When the application container run, the pod bsee-database-migration end with error. In the condition...

Last updated: Nov 13, 2020 11:10AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

plz provide bugs report of different bugs

Hello sir how are u ,i hope u are fine ,sir plz provide all bugs reports like xxs,idor,csrf etc i hope u are not turn down on my request. thanksalot.

Last updated: Nov 13, 2020 09:31AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

any scheduled scan ends with 'Error Dispatching scan to 'Agent'

BurpSuite edition: Enterprise Installation type: Server & Agent(5) at separated computers Operating system: Ubuntu 18.04.3 LTS Agent is authorised and licensed. Log Errors 2020-11-09 00:01:49 INFO ...

Last updated: Nov 13, 2020 09:12AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Crawl / Audit requests not getting responses

If I'm manually browsing the proxy is effective at showing the requests/responses. Same if I'm using Intruder or Repeater. When I try to initiate a scan with Craw or Audit the requests go out, get logged in Logger++ but...

Last updated: Nov 12, 2020 02:55PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Lab issues

Hello, I have been working on the web security labs. Everything was normal i was able to use the labs. I took a small break. I came back to resume the labs. I noticed i am unable to solve the labs has the get requests...

Last updated: Nov 12, 2020 09:12AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Lab issues

Hello, I have been working on the web security labs. Everything was normal i was able to use the labs. I took a small break. I came back to resume the labs. I noticed i am unable to solve the labs has the get requests...

Last updated: Nov 11, 2020 08:43PM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Bug in inspector selection feature

Hello, I just updated to v2020.11(on windows), and I noticed the selection feature works only if you select one character. If I mark more than one, the selection section disappears. Thanks!

Last updated: Nov 10, 2020 01:53PM UTC | 3 Agent replies | 2 Community replies | Bug Reports

burpsuite_pro_windows-x64_v2020_9_2.exe installs to wrong folder

Not sure if it's a general issue, or just my installer, but when I ran burpsuite_pro_windows-x64_v2020_9_2.exe installer few times, it kept on installing itself to C:\Users\<username>\AppData\Local\Programs\BurpSuitePro...

Last updated: Nov 10, 2020 11:36AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

embedded chrome --SSDP

Hello I would like ask if is necessary by embedded chrome.exe Browser use UDP IPv4 ssdp 239.255.255.250 connection. 85.0.4183.121-1\chrome.exe If not please in future disable it. thanks

Last updated: Nov 10, 2020 10:13AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Burp Suite Professional trial messed Kali

The BS Pro was downloaded and installed by the wizard. After that, the first time it was opened, it asked for a license key file. Given the file from Downloads in Kali, both automatic and manual activation was attempted but...

Last updated: Nov 09, 2020 12:03PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Burp suite not working

Hi team i am using latest community version of burp suite and when i intercept request and forward it then it isnt sent to the server by burp suite so if i try to send that request to repeater and replay the request i wont...

Last updated: Nov 09, 2020 11:24AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Stored XSS into anchor href attribute with double quotes HTML-encoded is not recognizing an XSS

I have done the following submit a comment that calls the alert function when the comment author name is clicked. I have used the following payload in the website field of the form: javascript:alert(1)

Last updated: Nov 09, 2020 09:42AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

I'm trying to run a scan and it's stuck on "Waiting for agent"

I've checked the logs under /var/log/BurpSuiteEnterpriseEdition/ and I'm not seeing anything obvious. When I check the agent status on the web interface it shows up as connected and not busy. The only thing thats changed...

Last updated: Nov 09, 2020 08:53AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp not working

Hi team i am using latest community version of burp suite and when i intercept request and forward it then it isnt sent to the server by burp suite so if i try to send that request to repeater and replay the request i wont...

Last updated: Nov 07, 2020 01:53AM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Burp not working

Hi team i am using latest community version of burp suite and when i intercept request and forward it then it isnt sent to the server by burp suite so if i try to send that request to repeater and replay the request i wont...

Last updated: Nov 07, 2020 01:53AM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Scanner freezes and never end

Hi, I tried using the Scanner with the latest Burp, but the problem that the Scanner freezes and never ends when the server does not return a response seems to recur. BurpSuiteProfessional:v2020.6,v2020.9.2

Last updated: Nov 06, 2020 11:16AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

Minor issue in the solution of Lab: "Web cache poisoning with multiple headers"

I think point number 2 of the official solution is somehow misleading: "Find the GET request for the JavaScript file /resources/js/tracking.js and send it to Burp Repeater" That file is never requested by the website and...

Last updated: Nov 05, 2020 07:25PM UTC | 1 Agent replies | 4 Community replies | Bug Reports

Burp Collaborator STARTTLS Plaintext Command Injection

The following issue is being found by the Nessus vulnerability scanner, when the Burp collaborator server is scanned: https://www.tenable.com/plugins/nessus/52611 I was also able to verify this using a self compiled...

Last updated: Nov 05, 2020 10:06AM UTC | 2 Agent replies | 0 Community replies | Bug Reports

Burp Collaborator HTTP Info Disclosure

The collaborator server version is disclosed as HTTP header (X-Collaborator-Version). Is it possible to remove it via config parameters or is this fixed? $ curl -I http://<collaborator server> HTTP/1.1 200 OK Server:...

Last updated: Nov 04, 2020 09:13AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

85 86
87
88 89

Page 87 of 142

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image