Bug Reports

Report a bug

  • Url decode shortcut doesn't work

    Hello ! I have an issue with burp suite professionnel . The shortcut ctrl+shift+u for url decode doesnt work. If I change the shortcut for this action it works I ask a few friends and the bug seems to be on everyone. Thanks

    1 Agent Answer    2 Community Answers
    Apr 27, 2019 09:03AM UTC
  • Control Click Copy in Intruder Not working.

    I am trying to control-click and copy a column in Intruder with no luck. Single and double clicking is not working. Double clicking with the control key held down simply sorts. This is using versions 2.0.19 (Windows) and 2.0.20 (Linux).

    2 Agent Answers    2 Community Answers
    Apr 27, 2019 12:49AM UTC
  • Intruder variable throttling disabled

    Hi, i noticed that in BSPro 2.0.20beta i'm unable to setup variable throttling for the Intruder attack tool, the "step" field just remains disabled. https://i.imgur.com/LZBstas.png

    1 Agent Answer    1 Community Answer
    Apr 26, 2019 04:58PM UTC
  • Getting MOZILLA_PKIX_ERROR_MITM_DETECTED when trying to run burp.

    Got this error out of nowhere as I had been running burp regularly on firefox without issues earlier in the day. I ran into the same problem on chrome as well. I have deleted the certificate, cleared the cache, unistalled firefox and cleared the profile folder, reinstalled firefox and reinstalled the certificate, and still cannot get past the error. Any insight?

    7 Agent Answers    7 Community Answers
    Apr 25, 2019 09:11PM UTC
  • Burp Suite Pro, v2.0.20beta Load Scope Buttons do not work.

    Burp Suite Pro, v2.0.20beta: In Target/Scope (tab), a scope set (Include and Exclude from scope) can be exported using the "Save" option from the gear icon. The scope can be reloaded in another session by using the "Load" option from the gear icon, but not from the "load" buttons on the left of the Include or Exclude windows.

    1 Agent Answer    0 Community Answer
    Apr 25, 2019 03:09PM UTC
  • 2.0.0beta20 crashes due to Out of Memory error

    I just started using beta20 and it has now crashed on me twice in two days. Once in the scan phase and just now while being a plain proxy (although with Active Scan++ enabled). hs_err log says Out of Memory Error. This VM has 4GB of memory, which is the minimum required. I've used several previous 2.0.0 series beta versions on this VM before and this hasn't happened with them. Is ...

    1 Agent Answer    0 Community Answer
    Apr 25, 2019 09:40AM UTC
  • Ignores JSON parameters after {}

    Dear, I found that the string {} in JSON of a request body, meaning an empty object, makes following parameters not recognized as the ones. The version is Burp Suite Professional v1.7.37. For example, I have a POST request with the following body in Intruder: { param_a: "val_a", param_b: { param_b_1: 10, param_b_2: true }, param_c: {}, param_d: 80, pa...

    2 Agent Answers    1 Community Answer
    Apr 23, 2019 06:13AM UTC
  • False Negative in AngularJS XSS?

    Hello, I've a vulnerable Web application where injection inside an AngularJS 1.0.0 context is possible. That leads to a XSS via {{...}}, that is easily exploitable. I know that, at some point, Burp Suite managed to detect this vulnerability (I even have screenshots!). However, I tried today with v2beta20 and v1.7.37, and I didn't manage to find this bug through an Active Scan. ...

    2 Agent Answers    3 Community Answers
    Apr 17, 2019 04:00PM UTC
  • Burp suite on iOS 12 not working

    Hello, I'm trying to make an interception with my iOS device, I followed the tutorial here: https://support.portswigger.net/customer/portal/articles/1841108-configuring-an-ios-device-to-work-with-burp The web pages never load in the browser of my phone, which forced me to send the certificate via email and installing it. However, even after the installation of the certificate, the web...

    3 Agent Answers    4 Community Answers
    Apr 17, 2019 10:55AM UTC
  • burp proxy

    Hi, I am using Burp professional 1.17.37 version How to set the proxy for https requests..? By default. its http only, so hw to change that one to https..??

    2 Agent Answers    1 Community Answer
    Apr 10, 2019 10:37AM UTC