How Do I?
Don't quite get the meaning of "iterate all values of submit fields"
What does "Spider >> Options >> Form Submission >> Iterate all values of submit fields" do? I've read https://portswigger.net/burp/help/spider_options.html : "Many forms contain multiple SUBMIT elements, which result in different actions within the application, and the discovery of different content. You can configure the Spider to iterate through the value...1 Agent Answer 1 Community AnswerJan 22, 2016 03:40PM UTC
Cannot set spider link depth to zero.
https://portswigger.net/burp/help/proxy_options.html#interception writes that "Spider >> Options >> CrawlerSettings >> Maximum Link Depth" accepts zero values: "A value of zero will cause the Spider to request seed URLs only" However, when I try to set the value to zero, the UI says "invalid value". How do we set it to zero?3 Agent Answers 0 Community AnswerJan 22, 2016 03:21PM UTC
Adding items into site map
Good afternoon, I see that there's a way to delete items in the site map. But how can we Add items into this site map manually? For example, I would like to add the request "http://example.org/a/b/c?d=e" into the site map. Best regards1 Agent Answer 0 Community AnswerJan 22, 2016 03:17PM UTC
Export "Certificate in DER format" vs "Private key in DER format"
I'm confused by two options in "Proxy>>Options>>Export CA Cert". What is the difference between "Export Certificate in DER format" and "Export Private key in DER format"? 1. If I "Export Private key in DER format", what program do I use to open this file? 2. Isn't the private key also within the "Export Certificate in DER ...2 Agent Answers 1 Community AnswerJan 21, 2016 11:12PM UTC
Where is the physical location of the "CA Cert" Burp uses?
Under https://portswigger.net/burp/help/proxy_options.html#listeners_requesthandling it states"Burp creates a unique, self-signed Certificate Authority (CA) certificate, and stores this on your computer to use each time Burp is run" Where is the physical location (on the file system) of this cert that Burp uses?2 Agent Answers 1 Community AnswerJan 21, 2016 09:50PM UTC
Binding proxy to "127.0.0.2"
How can I bind to "127.0.0.2" ? under "specific address" option, there is no such pre-populated option. Also the UI does not have a way to manually input "127.0.0.2".1 Agent Answer 0 Community AnswerJan 21, 2016 09:42PM UTC
Proxy unable to bind to "all interfaces"
I'm able to bind to "all interfaces" if I use port 8081. Or 8082. Or 808 or anything for that matter. But if I try to bind to "all interfaces" using port 8080, it fails. (UI doesn't allow me to tick the checkbox under the column "Running".) What is causing this problem? Why am I unable to bind to "all interfaces" using port 8080?2 Agent Answers 3 Community AnswersJan 21, 2016 09:20PM UTC
Does it only scan the response for <script></script> tags and remove those from the response? What about stuff like <input onclick="alert(1);"> And also, how does the removal work when faced with unequal opening and closing script tags like: 0 <script>1<script>2</script>3</script>41 Agent Answer 0 Community AnswerJan 21, 2016 08:39PM UTC
Burp is intercepting while "Intercept off".
I have intercept set to off. However, Burp is still intercepting my responses. This can easily be tested and verified by ticking some of the entries in Proxy>>Options>>Response Modification. Burp is clearly intercepting (and modifying) my responses even when intercept is off. Why is this happening and how can we fix this?1 Agent Answer 0 Community AnswerJan 21, 2016 08:33PM UTC
Spider request queue not stopping.
Hi, I have stopped the spider from running and cleared the queues. This was roughly 30 minutes ago. However, more and more requests are still getting queued. Why is this happening and how do I stop it?4 Agent Answers 3 Community AnswersJan 21, 2016 08:26PM UTC