Burp Suite User Forum


http host header injection: password reset poison labs not working

imrnrza | Last updated: Oct 17, 2020 09:09PM UTC

https://portswigger.net/web-security/host-header/exploiting/password-reset-poisoning: labs 2 and 3 (password reset via middleware, and dangling markup) are not working as suggested in the solution section. In lab 2, Wiener's password reset email is received but not in the logs after adding the X-Forwarded-Host header; Carlos's password is never received in the logs. In lab 3, Wiener's password is received as per the solution, but Carlos's password is never received. I have tried multiple times. Can you suggest?

Ben, PortSwigger Agent | Last updated: Oct 19, 2020 10:32AM UTC

Hi, I have just run through the second lab to check it is working as expected and was able to solve it using the solution provided. For the second lab, the password is not supplied in the logs, and the solution does not mention this. As noted in the solution, you receive a valid token which you then need to use in conjunction with the password reset link supplied in the email client. This allows you to reset Carlos' user account password to something that you know, and you are then able to log in as him.
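The behaviour the reply describes (a reset link whose host is taken from X-Forwarded-Host, so the token lands wherever that header points) is illustrated below, as an added example that is not PortSwigger's lab code: the vulnerable link builder beside a hardened one that ignores forwarded host headers and only serves a configured canonical host. The hostnames, the `token` query parameter and the `ALLOWED_HOSTS` setting are assumptions, not values from the lab.

```python
from urllib.parse import urlencode

# Constructed configuration (placeholder hostname, not a real lab host).
CANONICAL_HOST = "example-shop.test"
ALLOWED_HOSTS = {CANONICAL_HOST}


def build_reset_link_vulnerable(headers: dict, token: str) -> str:
    """Builds the reset link the way a poisonable middleware does: the
    host of the link comes from X-Forwarded-Host (falling back to Host),
    so whoever controls that header controls where the token is sent."""
    host = headers.get("X-Forwarded-Host") or headers.get("Host")
    return f"https://{host}/forgot-password?{urlencode({'token': token})}"


def is_trusted_host(headers: dict) -> bool:
    """A request is trusted only if its Host header is on the allowlist.
    X-Forwarded-Host is deliberately never consulted."""
    return headers.get("Host", "") in ALLOWED_HOSTS


def build_reset_link_hardened(headers: dict, token: str):
    """Returns the reset link on the canonical host, or None when the
    request does not carry an allowlisted Host (reject rather than guess)."""
    if not is_trusted_host(headers):
        return None
    return f"https://{CANONICAL_HOST}/forgot-password?{urlencode({'token': token})}"


def forwarded_host_mismatch(headers: dict) -> bool:
    """Detection aid: flag requests where X-Forwarded-Host is present and
    differs from Host, which is the signature of this attack in access logs."""
    fwd = headers.get("X-Forwarded-Host")
    return fwd is not None and fwd != headers.get("Host")


if __name__ == "__main__":
    # Constructed sample request: legitimate Host, forged forwarded host.
    poisoned = {"Host": CANONICAL_HOST, "X-Forwarded-Host": "attacker.test"}
    print("vulnerable:", build_reset_link_vulnerable(poisoned, "abc123"))
    print("hardened:  ", build_reset_link_hardened(poisoned, "abc123"))
    print("mismatch:  ", forwarded_host_mismatch(poisoned))
```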
