Bug Reports

Report a bug

  • Burp won't start on my OSX machine any more

    Hi folks, Finding this one a little tricky to solve. Burp stopped working on my OSX system recently. I run it from the command line with something like: java -Xmx1024m -jar burpsuite_pro_v1.6.18.jar I get the splash screen, it goes away, and nothing else happens. I have an icon in the doc and there's something called 'StartBurp' running, but I never get the standard UI....

    5 Agent Answers    7 Community Answers
    Jun 18, 2015 05:14AM UTC
  • Exception on restore state

    Trying to restore state on Burp Pro 1.6.18 the following exception occurred: java.lang.IndexOutOfBoundsException: Index: 3, Tab count: 1 at javax.swing.JTabbedPane.checkIndex(JTabbedPane.java:1768) at javax.swing.JTabbedPane.setSelectedIndex(JTabbedPane.java:589) at burp.bec.a(Unknown Source) at burp.xwc.b(Unknown Source) at burp.t2.b(Unknown Source) at burp.bec.addNotify(Unknown So...

    1 Agent Answer    0 Community Answer
    Jun 17, 2015 09:54AM UTC
  • Python extension unloading itself periodically

    I have a toy Python extension that simply prints out all command-line arguments, and calls exitSuite if there were any to print. About 50% of the time that I run Burp Suite from the command prompt, there is no output and Burp Suite fails to close automatically. I inspect the Extender tab and I find that the extension I wrote is unloaded. I check the "Loaded" box, the extension compiles, ...

    1 Agent Answer    1 Community Answer
    Jun 12, 2015 04:12PM UTC
  • Burp triggers DNS queries despite using an upstream proxy

    Hi, We are experiencing performance issues with Burp, with some web application pages taking over a minute to load. After investigation, we found out that Burp was issuing local DNS requests which could not be resolved due to our setup: the browser and Burp are installed on a machine located in network A and web requests have to transit over a proxy to reach the web application located in netwo...

    1 Agent Answer    5 Community Answers
    Jun 10, 2015 11:34AM UTC
  • Missing identification of SQL injection

    Dear Sir, we identified a missing identification of Blind SQL injection on some specific parameter. The SQL injection is presented on a single parameter of a POST request. Like par=pluto par=pluto -> result A par=pippo -> blank page par=pluta -> blank page par=pl'||(SELECT+CHR(117))||'to -> result A par=pl'||(SELECT+CHR(116))||'to -> blank page The D...

    1 Agent Answer    0 Community Answer
    Jun 09, 2015 11:00AM UTC
  • Burp Suite generates "weak ephemeral Diffie-Hellman key" error with Firefox Developer Edit...

    I've been using Burp Suite with Firefox Developer Edition, but as of today, I cannot make HTTPS connections when using Burp Suite as a proxy. I now get the following error message: An error occurred during a connection to www.yahoo.com. SSL received a weak ephemeral Diffie-Hellman key in Server Key Exchange handshake message. (Error code: ssl_error_weak_server_ephemeral_dh_key) Unfortu...

    4 Agent Answers    11 Community Answers
    May 28, 2015 07:08PM UTC
  • Extensions loading multiple times when restoring state

    Whenever I restore a state file, it loads extensions multiple times. Burp 1.6.18, Java 8u45. Screenshot: https://imgur.com/sQ9EnMp

    2 Agent Answers    0 Community Answer
    May 19, 2015 05:19PM UTC
  • UI - custom shortcuts - not working in detached tabs

    Hi, when I set up custom keyboard shortcuts in Options:Misc:Hotkeys, they do not work in windows I detach using the Window:'Detach XY' submenu. Regards, igor

    1 Agent Answer    0 Community Answer
    May 18, 2015 05:27PM UTC
  • Possible bug in concrete class of IScanQueueItem

    Hi, I think I may have discovered a small bug with the concrete implementation of the IScanQueueItem returned by the doActiveScan methods. When I try to access a method, I get the following error: Exception in thread "JavaFX Application Thread" java.lang.IllegalAccessException: Class sun.reflect.misc.Trampoline can not access a member of class burp.a4g with modifiers "public&q...

    3 Agent Answers    6 Community Answers
    May 16, 2015 09:48PM UTC
  • Burp goes into headless mode with open jdk version 1.7.0_79

    Hi, Whenever I run Burp Suite on my system it prints following message and goes headless (no splash screen even). If i delete .java/.userPrefs/burp folder, then it even prints the license agreement on the screen. Proxy: Proxy service started on The exact java version is as below, java version "1.7.0_79" OpenJDK Runtime Environment (IcedTea 2.5.5) (7u79-2.5.5-0...

    1 Agent Answer    1 Community Answer
    May 16, 2015 07:16AM UTC