Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Issues Encountered During Stage 1 of My BSCP Exam App 1

Michael | Last updated: Aug 14, 2024 12:59AM UTC

Dear PortSwigger Team, I hope this message finds you well. I managed to solve the App 2 without any difficulties and within the first hour but I encountered some technical issues during Stage 1 App 1 of my exam. To my understanding, Stage 1 for App1 should have involved host header injection with password reset poisoning because whenever i but the X-Forwarded-Host Header it would say invalid host, but i was able to by-pass this with X-Forwarded-Host: host:exploit-server.net. However, it appeared that the user was not clicking on the link provided, after this I tested for XSS, HTTP Req smuggling, and Authentication-Brute-Force and none worked. I tested and scanned application for all other type vulnerabilities and no other vulnerabilities appeared, Additionally, I experienced technical difficulties with the App1 website within the last 50 minutes of the exam. The website was not loading, which significantly impacted my ability to complete the tasks. Could you please look into these issues and advise on the next steps? It seems that I wasn't the only person that has encountered this issue. I appreciate your assistance in resolving this matter. can we consider a possible free attempt again if there was an issue with the server. Thank you for your time and support.

Ben, PortSwigger Agent | Last updated: Aug 14, 2024 08:31AM UTC