Burp Suite User Forum

Login to post

Complete this training lab for serialized-objects

Shahid | Last updated: Jun 30, 2020 02:24PM UTC

I have been following the lab below however I cant seem to resolve or not expecting the results burp had found and unable to complete this lab https://portswigger.net/web-security/deserialization/exploiting/lab-deserialization-modifying-serialized-objects Any advice please? I can see the cookie session and burp has found the issue for serialized PHP object but not sure how to gain admin privileges after that?

Uthman, PortSwigger Agent | Last updated: Jun 30, 2020 02:30PM UTC

Hi Shahid, Unfortunately, we cannot provide any information ahead of the release of the official solutions. I suspect the solutions will be available very soon.

You need to Log in to post a reply. Or register here, for free.