Burp Suite User Forum

Create new post

Burp Overlay Menus no longer Working on Fedora 26

Norman | Last updated: Jan 31, 2018 11:09AM UTC

Hi, with Burp version 1.7.31 the overlay menus (like the proxy filter menu) are instantly closing as soon as one clicks on it. It is confirmed working with Burp version 1.7.27. Oracle java version: 1.8.0_162-b12 run command: java -Dawt.useSystemAAFontSettings=on -Dsun.java2d.d3d=false -Dsun.java2d.xrender=false -jar best regards, norman

Liam, PortSwigger Agent | Last updated: Jan 31, 2018 04:27PM UTC

Have you tried using the latest version of Oracle Java? Or using the platform installer version of Burp Suite?

Burp User | Last updated: Feb 04, 2018 02:33PM UTC

Hi, version 1.8.0_162-b12 is already the latest version (as Java 9 is not yet fully supported). A colleague of mine seems to have the exact opposite problem with the latest version (menus can't be closed anymore). The functionality worked perfectly till version 1.7.28 and stopped working with version 1.7.29 I tried OpenJDK 8 latest version, Oracle JDK 8 latest version and the packaged jre version. None work with version 1.7.29 or greater. best regards, norman

Liam, PortSwigger Agent | Last updated: Feb 05, 2018 09:04AM UTC

Thanks for the additional information. We'll try and reproduce this issue.

Liam, PortSwigger Agent | Last updated: Feb 05, 2018 11:10AM UTC

Thanks for keeping us updated. We're still unable to reproduce this in our testing. Currently using Fedora 26 with the installer version of Burp Suite (bundled with 1.8.0_112-b15). We'll try using 1.8.0_162-b12. In the meantime, you could try using the linux installer version of Burp Suite.

Burp User | Last updated: Feb 06, 2018 04:47PM UTC

If you try to search something in the repeater tab for example and burp trys to show the suggestion box, for recent search terms, that is a window for example, that doesn't close till burp is closed. This already affects 1.7.27.

Burp User | Last updated: Feb 08, 2018 03:23PM UTC

I'm using Qubes as main OS. So fedora runs inside a XEN VM. I've already tried the installer version and it had the same problems. (Under windows it works fine). I'll try to get it to reproduce in a VirtualBox image during the weekend. Hopefully that works, to help you reproduce it. Thanks for the update!

Liam, PortSwigger Agent | Last updated: Feb 08, 2018 03:23PM UTC

Thanks for the additional information Norman. We've made a note to investigate this further if we manage to reproduce it during testing.

Burp User | Last updated: Feb 12, 2018 12:58PM UTC

Ok so far the difference seems to be, that on my system a new window (with taskbar item) is created when I open a submenu. In a VM with virtualbox and fedora, the window is opened "within" the application and no new application window is registered. Sometimes the window stays open (but after closing can't be opened again ...). Maybe it is some kind of focus check, that immediately closes the window again? If I click the proxy bar on a normal system for example, the window always closes and opens again. Maybe that mechanism doesn't work here and instead of staying open, it just closes again...

Burp User | Last updated: May 22, 2018 03:06PM UTC

I have the exact same issues as Norman H and also use the virtualization desktop Qubes OS (Release 3.2). I guess it is some distribution specific configuration of Qubes (e.g. window manager configuration). Any help would be great!

Liam, PortSwigger Agent | Last updated: May 22, 2018 03:08PM UTC

Thanks for the report Jan. We'll have another go and reproducing the issue.

Liam, PortSwigger Agent | Last updated: May 29, 2018 10:44AM UTC

Norman. We've been unable to reproduce the issue. It would be a great help if you could help us narrow down the exact version change when the issue occurred. You mentioned there is no issue with 1.7.27 and the issue occurs from 1.7.31 onwards? Would it be possible to try out 1.7.28, 1.7.29 and 1.7.30?

Burp User | Last updated: Jun 12, 2018 12:21PM UTC

Hi! The issue started to appear in Burp 1.7.29. Everything works fine in Version 1.7.28. And I can confirm that it is a Qubes specific issue with any recent Java version. I have not been able to reproduce it on any other system (tried windows 7 and windows 10, I tried running multiple distros with different window managers in a VM on windows and live directly on the laptop and with windows VMs under linux). It not only affects burp, the Intellij Rider has the same problem. I also tried multiple different linux version within the qubes VM itself (fedora 24 - 27) and debian 8 and 9, same result. It must an issue with how the sub windows are opened programmatically in the java user code. I also tried Oracle JDK 7,8,9 with different sub versions and OpenJDk to no avail.

Liam, PortSwigger Agent | Last updated: Jun 12, 2018 12:30PM UTC

Thanks for the information and updates Norman. We made a change from 1.7.28 to 1.7.29 to address another issue, which may have inadvertently triggered this issue. We don't think this is a bug in our software so we're going to monitor the situation and take another look if it isn't fixed long term.

Burp User | Last updated: Jun 12, 2018 12:46PM UTC

I also opened a issue with qubes now: https://github.com/QubesOS/qubes-issues/issues/3982

Burp User | Last updated: Jun 13, 2018 09:31AM UTC

Hm with intellij it appears to be a regular issue: https://youtrack.jetbrains.com/issue/IDEA-189280

Burp User | Last updated: Jun 13, 2018 01:01PM UTC

Qubes refused to fix it and already closed it with not our bug. So only way this is going to be fixed is, if burp addresses it in the java code itself.

PortSwigger Agent | Last updated: Jun 13, 2018 01:10PM UTC

Hi Norman, Thanks for letting us know. We are going to investigate the relevant code in Burp to what we had in 1.7.28. Unfortunately, because we can't replicate the issue ourselves, we can't confirm the fix has worked. We'll let you know when we make progress.

Burp User | Last updated: Jun 21, 2018 04:21PM UTC

Always happy to test unstable builds etc. Just drop me a mail!

Liam, PortSwigger Agent | Last updated: Jun 21, 2018 04:22PM UTC

Just to let you know that this issue should be fixed in today's release (1.7.35). Thanks for your feedback and please let us know if you run into any other problems.

Liam, PortSwigger Agent | Last updated: Jun 29, 2018 10:02AM UTC

It looks like the fix worked for other versions of Linux, but not Qubes. We'll continue to investigate this issue. In the meantime we'd recomend using another OS.

Burp User | Last updated: Jul 03, 2018 07:14AM UTC

Unfortunately, the release 1.7.35 has the same behaviour.

Burp User | Last updated: Jul 03, 2018 12:04PM UTC

Pretty hard to switch to another OS just so, after you migrated to Qubes OS (its not like switching linux distros, more like switching from windows to linux or macos to linux regarding the effort) ;) I'll stick with version 1.7.28 for now :)

Liam, PortSwigger Agent | Last updated: Jul 03, 2018 12:24PM UTC

Thanks for the update Simon.

Burp User | Last updated: Aug 21, 2018 03:23PM UTC

Hi; the same Issue with Qubes 4.0 + Kali + Burp 1.7.37. Can I somehow download Burp 1.7.28 if it is reported to work ok?

Burp User | Last updated: Aug 21, 2018 03:44PM UTC

So I have downloaded Linux installer v1.7.28 and can confirm that the drop-down menus work fine on Debian 8 AppVM under Qubes 4.0

Burp User | Last updated: Aug 24, 2018 07:05PM UTC

Also effects Burp 2.0 Beta.

PortSwigger Agent | Last updated: Aug 28, 2018 11:15AM UTC

We've believe we've identified the change between 1.7.28 and 1.7.29 that introduced this behavior. We're going to revert this which hopefully will resolve these issues.

Burp User | Last updated: Nov 26, 2018 08:21PM UTC

Hi, this specific problem still affects v2.0.12beta on Debian 9 under Qubes 4.0. Any updates or, at least, ideas?

Burp User | Last updated: Nov 28, 2018 10:45AM UTC

Maybe it will help that in the intruder module a similarly functioning filtering module visible after the launch of the attack works correctly.

Burp User | Last updated: Dec 01, 2018 02:34PM UTC

This still persists to be an issue for me as well, and it it currently keeping me from using QubesOS to bolster my personal security regarding client data. The QubesOS team seem unwilling to fix this as they believe it is not their issue. It would be greatly appreciated if this could be resolved.

Burp User | Last updated: Dec 03, 2018 12:09PM UTC

I have exactly the same problem, using Qubes OS 4.0 & BurpSuite v1.7.36

PortSwigger Agent | Last updated: Dec 04, 2018 11:47AM UTC

The change will be in the next beta release. We'll notify you when this is made public.

Burp User | Last updated: Dec 21, 2018 07:48PM UTC

Hello, Is there any update on this? Thanks!

Burp User | Last updated: Jan 06, 2020 08:14AM UTC

Actually the problem with the overlay menu for filtering was resolved for the last releases and worked for ca. 1 year (e.g. with version 2_1_04 I have no issues). Since the latest release the issue is again back (2_1_07). May you please investigate on this? That would be great as the problem was already fixed. Thank you in advance!

Ben, PortSwigger Agent | Last updated: Jan 06, 2020 11:01AM UTC

Hi Jan, Can you give examples of the behavior that you are seeing and also what environment that you are using so that we can investigate?

Burp User | Last updated: Jan 08, 2020 09:49AM UTC

Hi, thank you for investigating! Environment: I am working with Qubes OS 4.1 which is based on Fedora 31 (dom0 which represents the GUI) and the Burp Suite is running on a Debian 9 VM. Behavior: When I try to filter the HTTP history and click on the filter bar, the expected filter window flashes up, but immediately disappears. I can repeat this behavior, but the window keeps disappearing. Best regards, Jan

Ben, PortSwigger Agent | Last updated: Jan 08, 2020 11:30AM UTC

Hi Jan, We do not currently have a version of Qubes to test against but I will attempt to set this up in order to determine whether I can replicate the issue that you are experiencing. This behavior, however, is not being observed in either the Windows, MacOS or Linux versions so it might well be particular to the Qubes OS/Debian VM that you are running with (or a combination of both). I will try and investigate further and see if I can shed any light on the issue.

Ben, PortSwigger Agent | Last updated: Jan 09, 2020 11:44AM UTC

Hi Adrian, Yes, if you are using Burp Professional then you have access to all previous versions from within your account page on portswigger.net. Please let us know if you require any further information.

Burp User | Last updated: Jan 22, 2020 03:47PM UTC

Hi, Is it possible to download 2.1.06 version? In the current version I have the same problem on QubesOs and it makes it difficult for me, in the previous one there was no problem.

Tom | Last updated: Apr 30, 2020 07:21AM UTC

Hi, I got it to work on NixOS by setting the environment variable `_JAVA_AWT_WM_NONREPARENTING` to 1. Hope it helps.

Jan | Last updated: Jun 09, 2020 07:32AM UTC

Hi, the current version Burp Suite Professional v2020.5 fixed the issue for me. @Tom: Setting the environment variable didn't fix the problem in my setup for older Burp Suite versions. My setup is Qubes OS 4.1 and Debian 10 in AppVM.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.