Burp Suite User Forum

Create new post

Bug Lab Multistep clickjacking

vanviper | Last updated: Mar 26, 2024 08:27AM UTC

Hello, after building the payload on exploit server and viewing the exploit, I was redirected to the login page. I tried to login as wiener again there but the CSRF token is invalid ("Invalid CSRF token (session does not contain a CSRF token)"). Could you please check this issue of the lab?

Ben, PortSwigger Agent | Last updated: Mar 26, 2024 01:15PM UTC

Hi, There is currently an issue using the embedded browser in the later versions of Burp with the Clickjacking labs. Whilst we address this issue, you should, however, be able to solve these labs using a normal version of Chrome. Are you able to confirm that this is the case for you?

vanviper | Last updated: Mar 26, 2024 07:47PM UTC

Thank you for your answer. Chrome did not work for me. I experimented it again with Firefox and it worked this time.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.