Burp Suite User Forum

Login to post

Exploit server and Access log in real targets

Kujasmin | Last updated: Jun 09, 2021 08:30PM UTC

Hello. In authentication labs such as Brute-forcing a stay-logged-in cookie and Offline password cracking we have to enter Exploit server link and Access log. What is this in live targets? Where will I find the information I need for the attack in live targets? Thanks.

Ben, PortSwigger Agent | Last updated: Jun 10, 2021 10:00AM UTC

Hi, The Exploit Server and Access Logs are something that we use in our Web Academy in order to make delivering exploits easier for the user. For example, some of the topics covered would require you to host exploits for victim users to access - we simulate this with the Exploit Server and dummy victim users. In a real world scenario you would likely have to have your own server setup in order to host and deliver exploits. By having the Exploit Server and Access logs in place, it allows the user to concentrate on learning about the vulnerability topic itself rather than struggling with setting up some of the environmental pre-requisites needed to demonstrate a particular vulnerability.

You need to Log in to post a reply. Or register here, for free.