The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Bug Lab Multistep clickjacking

vanviper | Last updated: Mar 26, 2024 08:27AM UTC

Hello, after building the payload on exploit server and viewing the exploit, I was redirected to the login page. I tried to login as wiener again there but the CSRF token is invalid ("Invalid CSRF token (session does not contain a CSRF token)"). Could you please check this issue of the lab?

Ben, PortSwigger Agent | Last updated: Mar 26, 2024 01:15PM UTC

Hi, There is currently an issue using the embedded browser in the later versions of Burp with the Clickjacking labs. Whilst we address this issue, you should, however, be able to solve these labs using a normal version of Chrome. Are you able to confirm that this is the case for you?

vanviper | Last updated: Mar 26, 2024 07:47PM UTC