Bug Reports

Report a bug

  • Dragger not showing after 200 requests

    Dragger not showing after >200 requests. Check this https://www.dropbox.com/s/yu9bx9misf57b31/Untitled.png?dl=0

    2 Agent Answers    1 Community Answer
    Sep 27, 2015 03:26PM UTC
  • Copy/Paste/Cut shortcuts (CTRL+C/V/X) are not working on Windows 10

    I upgraded to windows 10, installed the latest Oracle JRE 1.8.0_60-b27 and now the shortcut copy & paste functionality is not working anymore. I'm working with burpsuite 1.6.27 pro. The functionality worked on Windows 7 SP1 before upgrade. Any suggestions? Is it MS feature (=BUG) or an Oracle feature (=BUG)? Or this is just a great cooperation between them? Or burp uses a JRE key ca...

    3 Agent Answers    2 Community Answers
    Sep 24, 2015 09:34AM UTC
  • Fix gray autocomplete orphan dialogs

    When working on Kali 2.0 and maybe others, Burp Suite tries to autocomplete previously used input. This generates an empty grey window that, sometimes, remains open and it's added to the list of open windows. Closing this will close Burp suite without prompting for confirmation. root@kali:~/Burp# java -version java version "1.8.0_51" Java(TM) SE Runtime Environment (build 1.8.0...

    6 Agent Answers    6 Community Answers
    Sep 22, 2015 09:58AM UTC
  • Parameter of HTTP POST with Content-Type multipart/form-data could not be updated

    Hi all I'm not sure if I'm doing something wrong, but I experienced an issue when trying to remove or update a parameter of a multipart/form-data HTTP POST from a java extension. The original parameter is not removed but the new is added additionally to the edited request. Original Message: --------------------------------- POST /test/ HTTP/1.1 Host: testhost.brrrr User-Age...

    1 Agent Answer    0 Community Answer
    Sep 20, 2015 05:49PM UTC
  • Infinite .Null Files being created when using generateScanReport() with the file format "HTML&q...

    As part of my extension, I am using the generateScanReport() to create both the XML file and the HTML file. However, when I use generateScanReport() with the HTML format, while the HTML file does get created, files with the same name as the HTML file but with .NULL extension start getting created and I tried to stop this by unloading the extension, but it continued to create .NULL extension filed....

    1 Agent Answer    1 Community Answer
    Sep 16, 2015 07:32PM UTC
  • Scheme-relative URL are treated as root-relative ones

    Tested on v1.6.26 / Linux / Oracle 1.8.0_45-b14 In Repeater (at least), a header like "Location: //nicob.net" is treated as a redirection to "//nicob.net" on the same host. However, browsers will redirect to http(s)://nicob.net/, depending on the scheme used by the redirect page (cf http://tools.ietf.org/html/rfc3986#section-4.2). This can lead to Open Redirect false-negativ...

    1 Agent Answer    1 Community Answer
    Sep 15, 2015 11:54AM UTC
  • Burp Closes Randomly.

    Hi There! I'm a user of Burp Pro, I have recently switched to a Virtualized Environment (VirtualBox) running Kali Linux. Every so often Burp will randomly close. It can happen from using the Intruder or just capturing HTTP requests. As you can imagine it's quite an annoyance, especially when testing. A colleague of mine also has this issue, however it's less frequent on his Kali ...

    2 Agent Answers    1 Community Answer
    Sep 14, 2015 01:41PM UTC
  • Issue Definitions

    Not properly sorted by name. Capital letters should not make a difference. Findings should be mapped to OWASP Top 10 and WASC.

    1 Agent Answer    0 Community Answer
    Sep 13, 2015 10:55PM UTC
  • Issues not visible if related to 404 resources

    Hello, the scanner found a XSS in the referer header, and the answer is a custom 404 page with the XSS in the answer. However in the Target tab, the XSS is not visible if "Hide not-found items" is not disabled. Maybe vulnerabilities in the issues tab/window should be always visible... what you think? Thank you

    2 Agent Answers    2 Community Answers
    Sep 11, 2015 10:31AM UTC
  • Failure to open a Macro Recorder dialog

    Hi, Sometimes Burp fails to open a Macro Recorder dialog ( Options / Sessions / Macros > Add > Record macro ). I confirmed that it happens when Burp Proxy receive requests frequently (1req/5sec or more, I'm testing web application with Ajax). When it occurs I can't close a Macro Editor dialog (frozen or there is an invisible modal dialog?). So I have to kill the burp instance ...

    2 Agent Answers    0 Community Answer
    Sep 09, 2015 07:19AM UTC