Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Basic clickjacking with CSRF token protection

Ashish | Last updated: May 11, 2020 02:03PM UTC

Is there a bug or something because the lab needs to login using given credentials and whenever i try to do that it logs me in the first time but if i reload or log out it wont let me login again and says invalid username and password

Uthman, PortSwigger Agent | Last updated: May 11, 2020 02:29PM UTC

Are you using Chrome and following the steps in the solution? Can you wait 15mins for the lab to reset and try again? It appears to work fine for me.

Ashish | Last updated: May 12, 2020 10:30AM UTC

ya i did it with chrome too but for making it work again i have to restart my whole system. its happening with that lab only and not other clickjacking labs.

Uthman, PortSwigger Agent | Last updated: May 12, 2020 10:31AM UTC

Thanks for that report. Can you confirm whether the lab is now successfully complete?

Ashish | Last updated: May 13, 2020 01:08PM UTC

ya labs working no problem on that, i just thought you should know. :)

Uthman, PortSwigger Agent | Last updated: May 13, 2020 01:29PM UTC

Perfect, thank you!

Deep | Last updated: Nov 15, 2020 10:35AM UTC

hello i tryd to solve this lab many times i read many stuff abut it and tryd many things also but im not able to solve this lab or any other Clickjacking labs

Uthman, PortSwigger Agent | Last updated: Nov 16, 2020 09:58AM UTC

deep1, Are you using the official solution or a video solution from YouTube? Can you provide an example of a lab that you cannot complete?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.