How do I? - Page 7 - Burp Suite User Forum

java update - license problem

Hello, I decided to update java on windows through the default java update program. After doing so, my burp instance started asking for the license (I can't enter my license again because there are no more activations...

Lab: SSRF via flawed request parsing

I've been at this one for over a day. I've followed the steps outlined in the solution and followed the steps in the community video but I keep getting the same error. I get to the admin panel and find the csrf token....

Japanese characters are garbled in Inspector

Japanese characters are garbled in Inspector. My settings are as follows: (settings > User interface > Inspector and message editor) HTTP message display Font: MS ゴシック Character sets Use a specific character...

Reset Progress

I want to reset all learning and labs progress.

font in http message is hard to manipulate / read (overlap / unnecessarily space)

Hi All http messages overlap or are unnecessarily spaced, which makes reading quite complicated. When selecting the text, it moves (spacing before and after the cursor), which make it difficult to select. I'm currently...

Lab: HTTP/2 request smuggling via CRLF injection

Hello, I am doing the 'Lab: HTTP/2 request smuggling via CRLF injection', but for some reason, the GET request always contains a session cookie that is truncated (consists only of four characters); the full session cookie...

Unable to Access Labs in Burp Browser

Hello team, I am unable to access any laboratory using the Burp's Browser as I receive the response 'This site cannot be accessed' or 'Stream failed to close correctly.' However, I am able to open and connect to the labs...

Where can I find Burp User config File?

I need user config file to run Burp from command line. But I could not able to find user.config/.properties file. Kindly state me its location.

After completing labs, it's still showing lab as not completed

i finished lab LAB4 Exploiting clickjacking vulnerability to trigger DOM-based XSS (PRACTITIONER) and Basic clickjacking with CSRF token protection (APPRENTICE) but it still shows as not solved... Please can you...

Reset BURP License

What if I want to use a different license to activate BURP now? I am on Catalina and I am just not able to do that. Every time I try removing BURP pro & reinstalling it, it automatically gets activated with the previous...

Proxy options sub-tab

this should be easy for someone, I am learning burpsuite and watched a video of how to use match and replace presaved settings. Supposedly located under proxy in the options sub-tab. My burpsuite does not have this options...

Unable to login to the labs with the given credentials

Password brute-force via password change Offline password cracking For the above two labs, I entered username- weiner, password- peter. When I click on login it says invalid username or password. can anyone please...

Request Smuggling - Lab does not work

Hi there, when I try to send request smuggling it does not work at all. Request; POST / HTTP/1.1 Host: 0a5900b7040dfb4fc1db8f1c005d0093.web-security-academy.net Connection: keep-alive Content-Type:...

Won't progress past a URL

How can I skip a URL within a site while testing? I've scoured the forums and I can't seem to find a definitely answer. I don't have time to run BurpSuite manually to forward requests through Repeater, I just want it to run...

Sequencer: Token generation requires two requests

I would like to analyse token generated for a client's API. However their token generation mechanism requires a POST followed by a GET. The GET has the token embedded in the response body. Sequencer appears to be able to...

Burp Suite doesn't intercept requests made to the localhost

Hey everyone, For some days, I've been experiencing some issues with the burp suite on the brave browser, it doesn't intercept any requests being made to the localhost. I know this is a duplicate topic but the previous...

Academy

"I can no longer access the lab using BurpSuite's browser. I was able to access it before, and I can still view the lab's problems. I can't access it using either the Pro or Community versions, even after reinstalling....

Burpsuite Professional Kali Linux installation

Hello, I am trying to install BurpSuite Professional in my Kali Linux environment, but neither the online nor the manual activation work. They both fail with activation failed/an error occurred messages, respectively. Is...

How to save predefined payload list custom directory to JSON config file?

Hi, when I go to Intruder - Configure predefined payload lists -> can I create a JSON project/user config file with pre-selected directory of my choice for loading custom lists? I tried exporting User and Project...

JRE warning magic number

Hi, I use the Java version of Burp Suite Professional in Kali linux and on the first start it shows the well known message "Your JRE appears to be version 17.0.5 from Debian." When I check "Don't show again for this JRE"...