Burp Suite User Forum


CSRF vulnerability with no defenses -> not solved but exploit works

Massimo | Last updated: Mar 09, 2023 02:57PM UTC

Hi, I'm trying to solve the lab, and also the lab "CSRF where token validation depends on request method". In both labs the exploit works for me and I can change the email. But the page with only the submit button does not appear if I press "View the exploit"; I am forwarded to the page with the changed email address. In the end, I send it to the victim, but the labs are still "not solved". Can anyone please help me? I also tried an online CSRF PoC generator, but it is still not solved. Thank you very much, Massimo :)

Ben, PortSwigger Agent | Last updated: Mar 10, 2023 09:17AM UTC

Hi Massimo, I have just replied to your other forum post about this situation but, for completeness, I will repeat what I said here. We made a recent change to the Web Academy environment that means that two users cannot have the same email address in the same lab instance. When you use the 'View the exploit' functionality you are changing the email address of your user (the 'wiener' user) to the value in your exploit. If you then 'Deliver exploit to victim' you will then be trying to get the 'victim' user to change their address to the same email address as your user now has, which is now no longer allowed. We have updated all of the labs that are affected by this change so that there is a hint box in the description to explain this - you would just need to adjust the email address that is being used in your exploit when you come to 'Deliver exploit to the victim'.
