Burp Suite User Forum

Login to post

having Difficulties in solving lab

i am trying to solve this lab Lab: Developing a custom gadget chain for Java deserialization . When i am trying to serialise java cookie i am using your githup main.java in repl.it but i am getting an...

Last updated: Jul 10, 2020 10:53AM UTC | 2 Agent replies | 2 Community replies | How do I?

problem cert with android

hello i have problem when install cer in android The client failed to negotiate a TLS connection to fds:443: Received fatal alert: certificate_unknown i try solved with this article...

Last updated: Jul 10, 2020 10:14AM UTC | 1 Agent replies | 0 Community replies | How do I?

Resource management

Hi community, i have a question regarding RAM usage, as far as i know burpsuite will take half of the RAM of the machine to crawl and audit, but i was wondering if is there an option to increase the amount of RAM singed to...

Last updated: Jul 10, 2020 09:29AM UTC | 1 Agent replies | 0 Community replies | How do I?

Burp Suite Professional project Creation

In Burp Suite Professional while creating a new message error message is sent saying could not create file C:\ProgramFiles\BurpSuitePro\2020-07-10-Test.burp.The new project is created using burp default configuration. What...

Last updated: Jul 10, 2020 08:34AM UTC | 1 Agent replies | 0 Community replies | How do I?

Lab Login Not Working

Lab: Exploiting HTTP request smuggling to capture other users' requests i GOt the session cookie and csrf too but i am not able to login session=IaHcO3qG7jv7aC03vFVa60keMi1kYNAG...

Last updated: Jul 10, 2020 08:07AM UTC | 3 Agent replies | 5 Community replies | How do I?

Automatic invocation of __destruct method

I was doing this challenge https://portswigger.net/web-security/deserialization/exploiting/lab-deserialization-arbitrary-object-injection-in-php And as I read the solution (the ";" character at the end was missing in my...

Last updated: Jul 10, 2020 07:22AM UTC | 1 Agent replies | 0 Community replies | How do I?

The client failed to negociate a TLS connections to ****:443: Received fatal alert: certificate_unknown

Hi Support, I'm trying to set up Burp to catch the traffic from a virtual mobile app on an android emulator, but I'm getting the following error on Burp: "The client failed to negociate a TLS connections to ****:443:...

Last updated: Jul 10, 2020 07:18AM UTC | 1 Agent replies | 0 Community replies | How do I?

Lab Not Responding

I am Doing Practice on Web cache poisoning to exploit a DOM vulnerability via a cache with strict cacheability criteria Lab But Alert doesnt calling out. i Tried 10 times at regular interval but that didn't work. X-Cache:...

Last updated: Jul 10, 2020 07:13AM UTC | 1 Agent replies | 0 Community replies | How do I?

Lab Not Working Properly

I am trying to solve this lab(Exploiting HTTP request smuggling to perform web cache poisoning) But seems it is not working properly i tried as per video solution by Micheal sommer. Request:- POST / HTTP/1.1 Host:...

Last updated: Jul 09, 2020 01:58PM UTC | 1 Agent replies | 1 Community replies | How do I?

How to export report into PDF file

Dear support I would like to understand how to export a report to PDF file or what is the best way to convert it from XML. Thank you in advance.'

Last updated: Jul 09, 2020 11:14AM UTC | 1 Agent replies | 0 Community replies | How do I?

Kali linux Raspberry pi Burp install error

I looked around the forums and I have not seen a fix yet, maybe I missed it. From what I did find, is that you need to be on 64 bit. Raspberry pi 4 specs: Broadcom BCM2711, Quad core Cortex-A72 (ARM v8) 64-bit SoC 8GB...

Last updated: Jul 09, 2020 08:43AM UTC | 2 Agent replies | 1 Community replies | How do I?

Configure Burp to avoid untrusted connection message

Hi, I am trying to use burp suite with kali and for some reason when using the proxy i can't intercept any site due to untrusted connection message.Adding security exception does not help, also tried exporting and importing...

Last updated: Jul 09, 2020 08:12AM UTC | 10 Agent replies | 14 Community replies | How do I?

Burp could not obtain file lock of project file

Dear team , I am receiving the same error as mentioned in the following post: "Embedded DB: the embedded database requires file locking which is not supported by the selected data directory burp...

Last updated: Jul 08, 2020 03:13PM UTC | 1 Agent replies | 0 Community replies | How do I?

Burpsuite_Pro_v2020.4.1 installation error

Hi , When i try to open Burpsuite_Pro_v2020.4.1 by clicking on the jar file , it gives me an error : "A JNI error has occurred ,please check your installation and try again " and i have java version "1.8.0_251" installed...

Last updated: Jul 08, 2020 02:14PM UTC | 2 Agent replies | 1 Community replies | How do I?

Lab Not Responding

I am Trying to solve Multistep CLickjacking lab. both buttons are aligned but the lab is not solving here what is my exploit script:- <style> iframe { position:relative; width:500px; height:...

Last updated: Jul 08, 2020 02:12PM UTC | 2 Agent replies | 3 Community replies | How do I?

Run a scan

1- Have a list of 5 target websites 2- For each site unable to run a scan as the option is greyed out and cannot select

Last updated: Jul 08, 2020 12:54PM UTC | 1 Agent replies | 2 Community replies | How do I?

ERROR :: The embedded database requires file locking which is not supported by the selected data directory burp suite

Hi, I am unable to install BurpSuite Enterprise, Prompt with below error while installing can you please assist on priority. " The embedded database requires file locking which is not supported by the selected data...

Last updated: Jul 08, 2020 12:02PM UTC | 4 Agent replies | 4 Community replies | How do I?

Burp Suite Enterprise - Create a Site with referrals to other URLs

We recently purchased Enterprise and I have noticed that Burp only scans the initial site that contains the SSO / authentication, then stops. I have then put the URLs into the site URL section that the page refers the user...

Last updated: Jul 08, 2020 11:39AM UTC | 1 Agent replies | 0 Community replies | How do I?

Web cache poisoning with an unkeyed header

Asslamu alikum to all I tried "Web cache poisoning with an unkeyed header" lab many times, but I am not getting X-Cache:Hit from the server can you check if everything is fine with the lab cause given solution did not work...

Last updated: Jul 08, 2020 08:49AM UTC | 1 Agent replies | 0 Community replies | How do I?

Can you edit vulnerability severity on Burp Enterprise?

Hi! I was looking at some scan results on Burp Enterprise and was wondering if a vulnerability's severity could be lowered. i.e. an XSS on an internal web app is lower severity than on a publicly accessible web app. I...

Last updated: Jul 07, 2020 06:17PM UTC | 1 Agent replies | 0 Community replies | How do I?

Page 2 of 120

Burp Suite Support Center

Your source for help and advice on all things Burp-related.

Burp Suite Support Center image