Burp Suite User Forum

Create new post

Cannot access labs with Burp browser

I can log to Portswigger site but when I press Acess the lab, I have an error message: This site can’t be reached x.web-security-academy.net took too long to respond. ERR_TIMED_OUT Same things happened yesterday. I can...

Last updated: Nov 30, 2023 07:17AM UTC | 11 Agent replies | 18 Community replies | Bug Reports

Slow response time labs

Hi, I've noticed two labs having a very slow response time and sometimes causing a failed-to-connect error. It causes the labs to be nearly impossible to solve. The errors and slow response times have occurred in the...

Last updated: Nov 28, 2023 09:58AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

No more activations allowed for this license

Hi!! Unfortunately I have had to reinstall my pc on several occasions and now when I try to install burp suite, I get the error "No more activations allowed for this license" Could you help me ? I need ASAP thank you very...

Last updated: Nov 27, 2023 08:31AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp Browser automatically upgrades http:// requests to https://

I have an application running on http://localhost:3000. It does not use https, and I've set a hostname in my /etc/hosts file so that I can access it via http://myapp:3000 Any time I attempt to load http://myapp:3000 in...

Last updated: Nov 26, 2023 11:16AM UTC | 11 Agent replies | 18 Community replies | Bug Reports

Issues are hidden if the PoC changes after an update

Consider the following scenario: In a new Burp project, you scan a website, and it gives you the following finding: ``` #1 XSS GET /?param=testag6vc%3cscript%3ealert(1)%3c%2fscript%3eln0yc param is vulnerable to...

Last updated: Nov 24, 2023 08:42AM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Burp Browser Doesn't Work After Update

I have updated to the latest stable version v2023.5.2, and the burp browser was uninstalled from the burpbrowser directory. When trying to use the browser, the following error message pops: java.io.IOException: Cannot run...

Last updated: Nov 24, 2023 08:15AM UTC | 2 Agent replies | 2 Community replies | Bug Reports

BurpGPT Extension

I have tried to run burpgpt extension with burp-suite professional and getting the error message “javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure”, kindly assist to resolve the error.

Last updated: Nov 23, 2023 11:33AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Problem in payload suggested to solve lab "CSRF vulnerability with no defenses"

Hi guys, I have noticed a problem in the payload you suggested for solving the lab "CSRF vulnerability with no defenses", namely in this specific part: name="email"...

Last updated: Nov 23, 2023 10:36AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Bug on "Lab: Username enumeration via account lock"

Hello, I tried every way to solve the lab but I couldn't get any results. I think there is something wrong with some labs. I faced the same problem before. Should i send email to support's mail?

Last updated: Nov 22, 2023 01:45PM UTC | 4 Agent replies | 6 Community replies | Bug Reports

Apple silicon (M3) and Burp Suite Pro crash at launch

I have the official version of Burp Suite Pro and after upgrading to an Apple silicon (M3) I am running into an issue. After launching Burp Suite and getting to the "Starting project, please wait ..." step, which is right at...

Last updated: Nov 22, 2023 11:26AM UTC | 4 Agent replies | 4 Community replies | Bug Reports

'Stream failed to close correctly' when trying to load one lab

Accidentally broke one of the labs - https://portswigger.net/web-security/csrf/bypassing-samesite-restrictions/lab-samesite-strict-bypass-via-cookie-refresh steps to reproduce: - open burpsuite chromium browser - copy...

Last updated: Nov 22, 2023 07:49AM UTC | 3 Agent replies | 6 Community replies | Bug Reports

Failed to create burp project: cannot parse null string

After having issues with Oracle Java that I had to uninstall, I upgraded to the Burp Suite Pro to v2023.10.2.3 (installed version on Windows 11). When selecting the Use Burp Defaults configuration for the project, and trying...

Last updated: Nov 21, 2023 03:13PM UTC | 1 Agent replies | 3 Community replies | Bug Reports

Outdated version of Jetty on Burp Enterprise

We are using Burpsuite Enterprise and found that Jetty 9.4.49.v20220914 is in use on port 8095.

Last updated: Nov 20, 2023 11:41AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Can't solve web cache poisoning with an unkeyed header

It appears that there is no simulated user to view the poisoned JS file and get an alert() no matter how often the cache is poisoned. This means it doesn't seem possible to solve this. Is the simulated user visiting the...

Last updated: Nov 17, 2023 04:50PM UTC | 4 Agent replies | 6 Community replies | Bug Reports

Copy/Paste not working

I work in web security in Korea and have been a long-time user of Burp products. Primarily, I use them on MacOS. I report bugs not only because they inconvenience me but also because my colleagues are experiencing the same...

Last updated: Nov 17, 2023 08:10AM UTC | 5 Agent replies | 5 Community replies | Bug Reports

Access Button LAB doesn't work

Hello, I am experiencing problems this morning with the All Labs button not appearing in order to access the labs. I have tried changing Browser to clear cache but nothing works. Can you please give me information about...

Last updated: Nov 16, 2023 10:52AM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Use HTTPs Poling with Private Collaborator Server - burpsuite_pro_v2022.11.4.jar

Hi there, I am running into issues when polling a private collaboration server over HTTPS. I receive "No connections to the polling server at <> could be opened. The collaborator will not work in this configuration." when...

Last updated: Nov 16, 2023 03:02AM UTC | 0 Agent replies | 2 Community replies | Bug Reports

Disappearance of the 'Proxy' Tab

Hello, I'm having trouble locating the 'Proxy' tab, which is hindering my ability to intercept requests. Attached are relevant screenshots for...

Last updated: Nov 15, 2023 12:23PM UTC | 1 Agent replies | 1 Community replies | Bug Reports

Domain with underscore gives error

I am trying to perform some tests on a website which domain name contains the underscore character '_' , the browser throws a 'ERR_SSL_PROTOCOL_ERROR', it doesn't even intercept requests made to the website and the only...

Last updated: Nov 15, 2023 12:20PM UTC | 8 Agent replies | 10 Community replies | Bug Reports

Burp proxy breaks public exploits for CVE-2023-46747

See the following issue report on one such exploit that Burp breaks: https://github.com/W01fh4cker/CVE-2023-46747-RCE/issues/3 Basically, the exploit relies on using the 'Transfer-Encoding: chunked, chunked' header with a...

Last updated: Nov 13, 2023 04:59PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Page 9 of 142

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image