Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Academy lab bug - Web shell upload via extension blacklist bypass

Michel | Last updated: Aug 16, 2023 02:35PM UTC

This is a file upload vulnerability lab, but it seems it's broken since I only get "missing parameter" error even when trying to upload a legit comment and image: https://portswigger.net/web-security/file-upload/lab-file-upload-web-shell-upload-via-extension-blacklist-bypass Wonder if this is indeed broken or I'm just missing something.

Michelle, PortSwigger Agent | Last updated: Aug 17, 2023 09:41AM UTC

Hi Do you also have issues if you try to upload an image via the My Account page? Can you email some details of the steps you're taking and screenshots of what you're seeing to support@portswigger.net so we can take a closer look, please?

Michel | Last updated: Aug 17, 2023 05:34PM UTC

Hi! Actually it works fine from "my account" page. I went to the obvious place for image upload (the post itself) and neglected to look inside the profile. thanks!

shem | Last updated: Jul 13, 2024 02:33PM UTC

THIS LAB CRASHES DID EVERYTHING AS REQUESTED COUPLE OF TME BUT IT SEEMS THERE IS AN ERROR ON THE OTHER SIDE

Dominyque, PortSwigger Agent | Last updated: Jul 15, 2024 09:49AM UTC