Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Academy lab do not update status randomly.

testernes | Last updated: Nov 23, 2022 10:32AM UTC

Hi, I see a problem with the update of the state of the laboratories that I finished correctly. They are randomly shown as unsolved. It is happening to me in SQLi and JWT attacks. Thank

Ben, PortSwigger Agent | Last updated: Nov 23, 2022 10:44AM UTC

Hi, Just to clarify the scenario that you are facing, you have successfully solved some of the labs but the status of these labs are not displaying as solved within your account (within the https://portswigger.net/web-security/all-labs page) or is there a different issue? If the above is correct, do you happen to know the specific names of any of the labs where you have observed this behaviour?

testernes | Last updated: Nov 30, 2022 06:09AM UTC

Hi, Quote: "Just to clarify the scenario that you are facing, you have successfully solved some of the labs but the status of these labs are not displaying as solved within your account (within the https://portswigger.net/web-security/all-labs page) or is there a different issue?" It is correct Quote: "If the above is correct, do you happen to know the specific names of any of the labs where you have observed this behaviour?" This happens randomly at the start of each session. Currently have not updated the following: -Lab: JWT authentication bypass via weak signing key -Lab: JWT authentication bypass via jku header injection -Lab: JWT authentication bypass via kid header path traversal

Ben, PortSwigger Agent | Last updated: Nov 30, 2022 05:19PM UTC

Hi, We are not aware of any issues regarding this - indeed, whilst testing this specific scenario out on a couple of different accounts I am able to solve these labs, which results in the solved status persisting in the lab summary page for that account so we would need to do some further investigation to try and identify why this is happening to you. Are you able to provide us with some screenshots of you solving one of the labs that you have mentioned and also some screenshots of the your 'All labs' status page so we can confirm that the labs are definitely being triggered as being solved and what is then being displayed in your account against that particular lab. Out of interest, does the 'All labs' page show that these labs have been successfully solved at some point but then the status reverts back to unsolved or are they alway listed as unsolved regardless of whether you solve them or not? It would probably be easier to email us this information so feel free to drop us an email at support@portswigger.net and we can take a look from there.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.