The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

can not recreate sql injection

Adam | Last updated: Apr 13, 2017 05:59PM UTC

I ran the burp suite scan on our internal website, they found a few sql injection listed as Tentative. I was trying to validate this error using the repeater option. I have not be able to validate this error, using the same error showing in the report. In the response --> tab HTML does show a error at all. Here is the Request from the report Content-Disposition: form-data; name="Amount_Requested" 555-555-0199@example.com' Here is the Response <html> <head> <!-- master_navitem: main_error_captcharequired --> I setup the raw request up the same Here is response from raw request setup <html> <head> <!-- master_navitem: undefined --> I have try to recreate error message many times, has not work once. Please help with this

Liam, PortSwigger Agent | Last updated: Apr 18, 2017 01:02PM UTC