Bug Reports

Report a bug

  • 100% CPU utilization in Burp Suite Pro 2.1.03

    Burp Suite Pro 2.1.03 keeps causing 100% CPU utilization when running an audit scan (earlier known as scanner). The scan task works for approximitely 2500-3000 requests after which it stops. Stopping the scanner does not cause the CPU utilization to return to normal levels. I have checked this with - all extensions disabled - all other tasks paused

    1 Agent Answer    1 Community Answer
    Sep 26, 2019 06:57PM UTC
  • 302 Redirect Not Picking Up Cookies

    Hello, I am using burp v1.7.31. This is about redirection 302 response code in burp. I am not getting "Follow Redirection" option in burp repeater while testing a particular application. The repeater options are set as "Never" in redirection and also 'process cookies' option is set . I have checked another web application and it does show "Follow Redirection"...

    3 Agent Answers    1 Community Answer
    Sep 26, 2019 05:18PM UTC
  • Burp v2.1.03 'Copy as curl command' puts cookies in curl -b and -H parameter

    With older versions of Burp 'Copy as curl command' only IIRC put cookies in the original request in the curl "-b" parameter but this current version also puts the same cookies in the "-H" parameter. Therefore in the curl command line the cookies appear twice. This might be easy to see in a small request but in a big request its not so easy to spot. This has just tri...

    1 Agent Answer    0 Community Answer
    Sep 25, 2019 03:14PM UTC
  • GUI performance slow to abyssmal under some (unclear) circumstance on start-up

    I have BurpSuitePro v2.1.03 on Debian Buster using KDE. It has generally worked as expected. I ran a scan of a copy of TeamCity. This generated ~250,000 requests overnight. Now each time I open the project file (~768MB) the response from the GUI is slow. Specifically when it is sorting the "Dashboard", "Issue Activity" panel for the first time. For example: After ...

    1 Agent Answer    0 Community Answer
    Sep 23, 2019 10:38AM UTC
  • IMessageEditor does not show markers

    When I set up a marked request or response for a IMessageEditor instance, it does not appear to be honored. The editor loads the message okay, but there aren't any markers on it. So if I do something like this: int[] markers = {1,10}; List<int[]> requestMarkers = new ArrayList<>(); requestMarkers.add(markers); markedRequestResponse = callbacks.applyMarkers(requestResponse,...

    1 Agent Answer    0 Community Answer
    Sep 23, 2019 01:58AM UTC
  • URL's not showing in target list

    I am having an weird issue I have not seen before. For some reason some pages I explore are not getting listed in the target list. I can send the page to repeater and intruder just fine, but when I expand the site on the target menu I don't see it. The site is contained in a subfolder and not on the root of the web server so to get to it its www.mysite.com/SOT/user/login.asp. I see the SOT fo...

    1 Agent Answer    0 Community Answer
    Sep 20, 2019 02:04AM UTC
  • EXTERNAL SERVICE INTERACTION (DNS)

    Hi Team, I am a facing below issue in my project, Please suggest the possible solution. Description: It is possible to induce the application to perform server-side DNS lookups of arbitrary domain names. The payload yacfs4cj5ocyq9mho4v2xqtq2h8bw3kwjk97zvo.burpcollaborator.net was submitted in the SSL SNI value and the HTTP Host header. The application performed a DNS lookup of the speci...

    1 Agent Answer    0 Community Answer
    Sep 19, 2019 12:52PM UTC
  • Burp (2.1.03) zerorised Content-Length in POST request

    Hi, I noted that Burp v2.1.03 For example, I insert an additional Content-Length header with arbitrary number on a POST request, on the Intercept tab. (Note the POST request had an existing Content-Length: 0 header, so I've inserted another one) Example POST .... .... Content-Length: 0 Content-Length: 9090 ... On the HTTP History tab, the same POST request shows two Conten...

    1 Agent Answer    0 Community Answer
    Sep 19, 2019 03:33AM UTC
  • Cannot load a specific font with "HTTP Display Message"

    Cannot load a specific font with "User options -> Display -> HTTP Display Message". I use the following "Myrica M" font. https://myrica.estable.jp/myricamhistry/ When "Myrica M" included in this font is set to "Font" of "HTTP Display Message", it is not set correctly (The font sample will be displayed blank). Other "Myrica N"...

    1 Agent Answer    0 Community Answer
    Sep 17, 2019 07:13AM UTC
  • ReadHandShakeRecord Error in Burp Suite Community v2.1.02

    Hi... I am getting 'ReadHandShakeRecord' error in Burp Suite Community edition v2.1.02. I have java Version 8 Update 221 installed on my Windows Server 2012 machine. I also set Proxy correctly in Burp Suite and in Browser too and also installed CA certificate. Can you please help me in resolving the issue?

    4 Agent Answers    4 Community Answers
    Sep 16, 2019 11:15AM UTC