Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Challenge is solved when it should not be

sssss | Last updated: Jul 03, 2024 03:24PM UTC

Hi support, I was on the challenge "Exploiting HTTP request smuggling to capture other users' requests" and it got solved before I was able to make the simulated user's request beeing displayed in the comment. As a result I did not do the whole part about stealing his cookie and use it afterwards, but the challenge got solved anyway. You may try to do the challenge to see if it does indeed solve prematurely. Best regards, sssss ps: I saved a screenshot of the smuggled request I used in case you are interested

Michelle, PortSwigger Agent | Last updated: Jul 04, 2024 10:34AM UTC

Thanks for your message. Are you able to replicate this? If so, to help us understand what you are describing, can you send a screen recording of the steps you are taking to support@portswigger.net, please?

sssss | Last updated: Jul 04, 2024 02:34PM UTC

Hi again, I've tried to replicate it with the exact same request but I can't observe the same behavior as yesterday. Now it seems to work fine. I can't understand what happened differently from yesterday but the good news is that it works. Best regards, sssss

Michelle, PortSwigger Agent | Last updated: Jul 04, 2024 03:33PM UTC

Thanks for the update. If you do have any further issues, please let us know.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.