Bug Reports - Page 9 - Burp Suite User Forum

the size of the handshake message (42556) exceeds the maximum allowed size (32768)

when configuring burp proxy to website the proxy return page on the browser with this error : the size of the handshake message (42556) exceeds the maximum allowed size (32768). any solution

Automatic Throttling Error

Start a new scan. Go to Resource Pool. Check the box next to automatic throttling. Uncheck the box next to automatic throttling. Try to launch the scan. error message: "At least one throttling option must be selected".

Academy lab bug - Web shell upload via extension blacklist bypass

This is a file upload vulnerability lab, but it seems it's broken since I only get "missing parameter" error even when trying to upload a legit comment and...

Inspector Window in Proxy Tab Expands Indefinitely when Scrolling Through Proxy History

Hi there! As the title reads- I noticed that the inspector window within the proxy tab will continue to increase in size when a user scrolls up or down through the Proxy history. To demonstrate this, feel free to check out...

Visual issue with UI on Windows 11

All of sudden I've begun experiencing an issue with Burpsuite Pro on my Windows 11 system. After I crawl a site and begin reviewing the results in various tabs, tabs and windows are popping up and sliding all over the place....

No more activation allowed for this license.

Hello Portswigger team. Unfortunately i had to reinstall my OS multiple time so i used the activation key several time but now i get (No more activations allowed for this license), Can you please help me with this...

Proxy - Miscellaneous - Unpack gzip should apply on display not on original packet

In some cases, although there is Content-Encoding: gzip in the response header, the content is encrypted first and then decrypted by gzip, especially for mobile applications. At this time, I found that if I selected this...

Academy Labs - Solved labs; attempting to share via LinkedIN is running into an error

Academy Labs - Solved labs; attempting to share via LinkedIN is running into an error. Tried it several times, does not work.

Issue on Lab: Partial construction race conditions

Hi team, After successfully exploiting the race condition and being able "to bypass email verification and register with an arbitrary email address" (I got the user registration is successful message), I am still not able...

.burp file

my burpsuite project temporary file by mistakely delted from root..can i get back?

recorded login repeating

using burpsuite pro, i did a recorded login and used it in a scan it appears to login and do an authenticated crawl, however, if I watch the task details "live crawl view" it shows logging on over and over again. Is that...

CORS with Null origin challenge is broken

Hey, It seems that this challenge is broken as the browser does overwrite the Origin header when fetching a request with JS. It does work in Burp but not in real. Another challenge seems to be broken DOM cookie...

Lab status not updating

Dear all, I am currently working through the labs of the Portswigger Academy and noticed that the status of one of the labs is not updating (blind OS command injection with out-of-band data exfiltration). I used multiple...

Failed to launch my Burp's Browser

Health check result: Initiating health check Checking platform supported Success Checking browser binaries Success Checking headless browser Error Aborting checks due to...

Burp Context Sub-Menu Broken

Host - Windows Server 2016 Datacenter 10.0.14393 N/A Build 14393 Version - Burp Suite Pro v2023.8.1-22449 (running in a VM) Channel - Currently Early Adopter but also tested on Stable with same result. When I...

Search Functionality Results

Searching for a particular string with "Target, Repeater, Proxy, and Organizer" all checked under "Tools". It is not returning the requests that contain that string which have a Source of "Proxy." However, if I uncheck...

ARM64 browser on Linux

Hey all, Steev from the Kali team here. This is semi related to the other bug about BurpSuite Pro on Kali in a VM on MacBooks with the M1 processor (...

ERROR: "User ID controlled by request parameter, with unpredictable user IDs"

When I try to do the lab it wont let me login using the provided user:wiener and password:peter. It is not logging me in and I had to refresh the browser everytime and click the my account before it shows that I am logged...

Dom invader bug？

Hi, I found a small problem with dom invader. This is my code of html: <script> function getQueryVariable(variable) { var query = window.location.search.substring(1) var vars =...

Old response in Repeater if a custom tab is selected

Hi, I've been working on an extension for Burp and noticed if you have a custom tab selected (IMessageEditorTab) in Repeater for a response and you issue a different request, the old response is still shown in all the...