Bug Reports

Report a bug

  • URL's not showing in target list

    I am having an weird issue I have not seen before. For some reason some pages I explore are not getting listed in the target list. I can send the page to repeater and intruder just fine, but when I expand the site on the target menu I don't see it. The site is contained in a subfolder and not on the root of the web server so to get to it its www.mysite.com/SOT/user/login.asp. I see the SOT fo...

    1 Agent Answer    0 Community Answer
    Sep 20, 2019 02:04AM UTC
  • EXTERNAL SERVICE INTERACTION (DNS)

    Hi Team, I am a facing below issue in my project, Please suggest the possible solution. Description: It is possible to induce the application to perform server-side DNS lookups of arbitrary domain names. The payload yacfs4cj5ocyq9mho4v2xqtq2h8bw3kwjk97zvo.burpcollaborator.net was submitted in the SSL SNI value and the HTTP Host header. The application performed a DNS lookup of the speci...

    1 Agent Answer    0 Community Answer
    Sep 19, 2019 12:52PM UTC
  • Burp (2.1.03) zerorised Content-Length in POST request

    Hi, I noted that Burp v2.1.03 For example, I insert an additional Content-Length header with arbitrary number on a POST request, on the Intercept tab. (Note the POST request had an existing Content-Length: 0 header, so I've inserted another one) Example POST .... .... Content-Length: 0 Content-Length: 9090 ... On the HTTP History tab, the same POST request shows two Conten...

    1 Agent Answer    0 Community Answer
    Sep 19, 2019 03:33AM UTC
  • Cannot load a specific font with "HTTP Display Message"

    Cannot load a specific font with "User options -> Display -> HTTP Display Message". I use the following "Myrica M" font. https://myrica.estable.jp/myricamhistry/ When "Myrica M" included in this font is set to "Font" of "HTTP Display Message", it is not set correctly (The font sample will be displayed blank). Other "Myrica N"...

    1 Agent Answer    0 Community Answer
    Sep 17, 2019 07:13AM UTC
  • ReadHandShakeRecord Error in Burp Suite Community v2.1.02

    Hi... I am getting 'ReadHandShakeRecord' error in Burp Suite Community edition v2.1.02. I have java Version 8 Update 221 installed on my Windows Server 2012 machine. I also set Proxy correctly in Burp Suite and in Browser too and also installed CA certificate. Can you please help me in resolving the issue?

    2 Agent Answers    1 Community Answer
    Sep 16, 2019 11:15AM UTC
  • Trouble intercepting IOS app with new version

    The new version of burp (v 2.1.03) have trouble intercepting IOS traffic. My IOS device and burp is configured properly but it still gives error "the client failed to negotiate an ssl connection". I used an older version (v 2_0_5 beta) to test and it worked fine and intercept traffic from IOS device.

    1 Agent Answer    0 Community Answer
    Sep 10, 2019 05:10PM UTC
  • Burp 2.1.03 live audit doesn't resume after pause.

    When preforming a test on on a site i paused the live audit while manually testing a function. when i hit the resume button button nothing seems to happens other then the play button turning to a pause button. the request counter doesn't seem to go up and and nothing is getting put in the the event log. i have had to delete the live task and create a new one which is getting annoying as it st...

    1 Agent Answer    0 Community Answer
    Sep 10, 2019 12:35PM UTC
  • error

    --------------------------- Error --------------------------- You must be at least Poweruser to run this program. --------------------------- OK ---------------------------

    1 Agent Answer    0 Community Answer
    Sep 09, 2019 10:53PM UTC
  • Transparent proxy (invisible mode) doesn't work for OSX 10.14.6

    Burp Invisible Proxy doesn't work for OSX 10.14.6 if the Application Firewall is turned on. To proxy HTTP requests from iOS device, I configured testing environment as follows: * I paired iOS device to MacBook via Bluetooth * Internet Sharing (sharing Wi-Fi with Bluetooth PAN) is enabled on Mac OS X * Port forwarding is configured as below (using pfctl) - rdr pass on bridge100 inet p...

    1 Agent Answer    0 Community Answer
    Sep 09, 2019 08:52AM UTC
  • Bugs

    Any pieces of the puzzle that can be found?

    1 Agent Answer    0 Community Answer
    Sep 07, 2019 01:27AM UTC