Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Connection resets and Failed to negotiate TLS connection

Burp Pro - has anyone else solved the issue of getting continual Connection Resets like fxxxing hundreds. And not being able to tell what is causing it Also lots and lots of Client failed to negotiate a TLS...

Last updated: Jan 18, 2021 10:12AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Labs Failing to Respond

Hi, I'm having issues with this lab,"Web cache poisoning to exploit a DOM vulnerability via a cache with strict cacheability criteria". As soon as I enter the X-Forwarded-Host header, the lab server fails to respond. I've...

Last updated: Jan 15, 2021 07:19PM UTC | 2 Agent replies | 3 Community replies | Bug Reports

Advanced Scope Control does not follow correct regex syntax

Hi, I noticed the advanced scope control mentions you can insert regex, but it does not actually follow correct regex syntax. Asterisk `*`, should be treated as a quantifier, matching zero to unlimited times, however...

Last updated: Jan 14, 2021 02:57PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

RegEx does not work properly on HTTP Request and Response

Hello I want to use regex to remove those empty lines from the HTTP responses that developers placed there. I used ^ to get the beginning of each line, but what it returns is just the first line of the response and...

Last updated: Jan 14, 2021 02:57PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Logic error in lntruder module

1、I need to brute force the username and password fields.See 1. JPG POST /xxx/xxx HTTP/1.1 Host: xxx.xxx.xxx.xxx Connection: close Content-Length: 56 Accept: application/json, text/javascript, /; q=0.01 Origin:...

Last updated: Jan 13, 2021 03:12PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Smart decode is not smart

The smart decoder is not working anymore for even simple base64 payloads. Please debug the issue and let me know. Thanks, Rod

Last updated: Jan 13, 2021 02:23PM UTC | 3 Agent replies | 2 Community replies | Bug Reports

Request Text Mangling in Proxy

After right clicking and selecting "Send to Repeater" the request text becomes mangled (overlapped in some areas). Running Burp 2020.12.1 Professional with Dark theme in Ubuntu 20.

Last updated: Jan 12, 2021 03:58PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Backup file false positives

I am getting many, many instances of the "Backup file" issue type. The issue is that the scanner makes a request that is a variant of a legitimate request, for example instead of GET /users/sign_in.json, it will call GET...

Last updated: Jan 12, 2021 03:18PM UTC | 3 Agent replies | 4 Community replies | Bug Reports

Unable to reactivate license after removing burp from computer

Hi, I had my burp pro license at the limit. I wanted to remove it from one machine to activate it on another. So I did remove burp from my computer under the help menu, but it is now neither allowing activating the license...

Last updated: Jan 12, 2021 12:43PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Lab access control user role can be modified in user profile

Hi, I solved it once before but now I was revising and I think it crashed because when I logged in my user using the provided credentials wiener:peter then I went to my account page and then I submitted an updated email...

Last updated: Jan 11, 2021 12:48PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Failed to replay recorded login sequences

I followed the recorded login sequences instruction and successfully generated JSON objects for application login data. But I'm not able to replay and validate the data. All I see is a blank webpage during the replay. I...

Last updated: Jan 11, 2021 10:52AM UTC | 2 Agent replies | 1 Community replies | Bug Reports

SQL injection UNION attack, retrieving data from other tables

administrators password not working......... no problem with carlos and wieners

Last updated: Jan 11, 2021 10:27AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Intruder crashes Burp when using SOCKS5 proxy with DNS through proxy

Whenever I set Burp to go via a SOCKS5 proxy and I tick the box to send DNS requests through the proxy, everything works fine (proxy, repeater, etc) except Intruder, which shows an error "Failed to resolve hostname" and then...

Last updated: Jan 11, 2021 10:08AM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Burp becomes unusable over a Socks proxy

When connecting my browser to a Socks proxy I see expected page loading speeds but when I connect my browser to burp and burp to a Socks proxy burp takes forever to get the response and forward it to the browser if at all....

Last updated: Jan 11, 2021 09:52AM UTC | 3 Agent replies | 0 Community replies | Bug Reports

Lab access control user role can be modified in user profile

Hi, I solved it once before but now I was revising and I think it crashed because when I logged in my user using the provided credentials wiener:peter then I went to my account page and then I submitted an updated email...

Last updated: Jan 09, 2021 10:05PM UTC | 0 Agent replies | 0 Community replies | Bug Reports

Lab: SQL injection UNION attack, retrieving data from other tables

Hi, I am using the following payload in Burp Suite to get response containing usernames and passwords. GET /filter?category=Accessories'+UNION+SELECT+username,+password+FROM+users-- HTTP/1.1 I managed to get the...

Last updated: Jan 09, 2021 09:31AM UTC | 2 Agent replies | 3 Community replies | Bug Reports

On installation of Burp Suite Enterprise Edition on my Mac I am getting an error

The error says Unknown installation problem. Failed to connect to enterprise server.

Last updated: Jan 07, 2021 06:33PM UTC | 2 Agent replies | 1 Community replies | Bug Reports

Burp Pro v2020.12.1 not displaying spaces in 'Pretty' format

Hi Folks, I appear to have encountered a glitch with Burp Pro v2020.12.1. Whenever I attempt to enter a space in a JSON string such as "param": if the following character is not a " then the Request within Repeater will...

Last updated: Jan 07, 2021 05:03PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Data is read from location and passed to $()

Hi Team, Burp scan reported a vulnerability in following js statement from jquery.userTimeout.js library. Seems like a false positive, Could you please help me to understand how this can be exploited? Data is read...

Last updated: Jan 07, 2021 04:48PM UTC | 1 Agent replies | 0 Community replies | Bug Reports

Grep Extract Not Working Properly

Grep extract rules stopped working properly in recent versions. As recently as 2020.1 and still in 2020.2.1, creating a regex rule for a finished attack will not apply to the results, and string parsing rules only apply...

Last updated: Jan 07, 2021 03:03PM UTC | 3 Agent replies | 2 Community replies | Bug Reports

94 95
96
97 98

Page 96 of 156

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image