Bug Reports

Report a bug

  • Intruder: Remove several payloads at the same time

    Hi, In intruder, when creating the list of payloads to be injected. If several entries are selected from the list (by using shift or ctrl button) and Remove options is clicked, it does not remove all the selected entries but only one. Regards, Carlos

    1 Agent Answer    0 Community Answer
    Oct 21, 2015 09:14AM UTC
  • a couple of UI bugs

    Hi, long time user and supporter :D Two small glitches that caught my eye today: 1. tool tips need to be updated with information that issues were moved to Target tab (and that Target is what you need to save in order to save the issues of a project). Currently, the information is misleading, it says to save the scanner tab to save issues. New users will be confused. 2. Report a bug th...

    2 Agent Answers    1 Community Answer
    Oct 12, 2015 01:04PM UTC
  • Software caused connection abort: recv failed

    Hi I get this error message while running BurpSuite: Software caused connection abort: recv failed Would you please help me resolve the problem? Thank you

    1 Agent Answer    2 Community Answers
    Oct 07, 2015 09:03AM UTC
  • Higher unicode characters mangled when pasting

    When pasting text into Burp Suite, with the text containing unicode characters with a codepoint higher than 255, Burp Suite will mangle the characters. For characters with a unicode code point lower than 65536, the result is that the higher byte of each code point is discarded. To reproduce: * select the following text and copy it to the clipboard: ňťŬŬůĠŗůŲŬŤġ * in Burp Suite, paste the text...

    2 Agent Answers    3 Community Answers
    Sep 30, 2015 12:37PM UTC
  • Probable bug: SQL injection avoidable false positive ?

    "Issue detail The [...redacted...] cookie appears to be vulnerable to SQL injection attacks. The payload ' and '6143'='6143 was submitted in the Auth-Portal cookie, and a database error message was returned. You should review the contents of the error message, and the application's handling of other input, to confirm whether a vulnerability is present. The database ...

    1 Agent Answer    0 Community Answer
    Sep 28, 2015 08:54AM UTC
  • Dragger not showing after 200 requests

    Dragger not showing after >200 requests. Check this https://www.dropbox.com/s/yu9bx9misf57b31/Untitled.png?dl=0

    2 Agent Answers    1 Community Answer
    Sep 27, 2015 03:26PM UTC
  • Copy/Paste/Cut shortcuts (CTRL+C/V/X) are not working on Windows 10

    I upgraded to windows 10, installed the latest Oracle JRE 1.8.0_60-b27 and now the shortcut copy & paste functionality is not working anymore. I'm working with burpsuite 1.6.27 pro. The functionality worked on Windows 7 SP1 before upgrade. Any suggestions? Is it MS feature (=BUG) or an Oracle feature (=BUG)? Or this is just a great cooperation between them? Or burp uses a JRE key ca...

    2 Agent Answers    1 Community Answer
    Sep 24, 2015 09:34AM UTC
  • Fix gray autocomplete orphan dialogs

    When working on Kali 2.0 and maybe others, Burp Suite tries to autocomplete previously used input. This generates an empty grey window that, sometimes, remains open and it's added to the list of open windows. Closing this will close Burp suite without prompting for confirmation. root@kali:~/Burp# java -version java version "1.8.0_51" Java(TM) SE Runtime Environment (build 1.8.0...

    6 Agent Answers    6 Community Answers
    Sep 22, 2015 09:58AM UTC
  • Parameter of HTTP POST with Content-Type multipart/form-data could not be updated

    Hi all I'm not sure if I'm doing something wrong, but I experienced an issue when trying to remove or update a parameter of a multipart/form-data HTTP POST from a java extension. The original parameter is not removed but the new is added additionally to the edited request. Original Message: --------------------------------- POST /test/ HTTP/1.1 Host: testhost.brrrr User-Age...

    1 Agent Answer    0 Community Answer
    Sep 20, 2015 05:49PM UTC
  • Infinite .Null Files being created when using generateScanReport() with the file format "HTML&q...

    As part of my extension, I am using the generateScanReport() to create both the XML file and the HTML file. However, when I use generateScanReport() with the HTML format, while the HTML file does get created, files with the same name as the HTML file but with .NULL extension start getting created and I tried to stop this by unloading the extension, but it continued to create .NULL extension filed....

    1 Agent Answer    1 Community Answer
    Sep 16, 2015 07:32PM UTC