Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Inacurate target despite in position tab I set the right target

Edwin | Last updated: Apr 14, 2024 06:34AM UTC

I'm solving Labs in Web Security Academy, when I send a request to Intruder in the Position tab the target is right, I set the payload but when I launch Intruder after hours my attack doesn't work I noticed in the Restults that the target was another target (subdomain) of *.web-security-academy.net For example, my target is Host: 0abf004704417fb880453f7155810097.web-security-academy.net but when launching the attack, I got errors because I noticed that Intruder was launching my payloads to this last (and wrong target). Though I could be due to the version, so I updated to Burp Suite Professional v2024.2.1.4 but the same problem persists. Why Burp Suite Pro has this error. I noticed that while doing Labs in WSA but what could happen if someone could have this same problem while working with customers? Any sugestion is appreciated. Edwin.

Edwin | Last updated: Apr 14, 2024 08:51AM UTC

I realized out how this happened. I was using a Repeater tab where I was trying to solve a Lab, I don't used it and it expired, so I refreshed the "Path class" page and started a new Lab. When the new Lab was ready and logged in Proxy tab I just copied the request HTTP method (GET /) and the new host (target) to the Repeater tab where I was working previuosly in order to continue the track of previous tests. When I sent this to Intruder with "Ctrl + i", in the Positions tab was the new target/subdomain but when the attack was launched I noticed that in the results tab it was targeting the expired Lab. I learn about this behaviour after some time researching about this issue. Let's say it is solved. Thank you.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.