Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Lab - Authentication bypass via encryption oracle

John | Last updated: Dec 30, 2020 11:18PM UTC

Hi, the labs instruction is to select the first byte of a decoded cookie. Then to secondary click (the selected byte) and select the "Delete Bytes" option. The issue is I follow the instruction but the option of "Delete Bytes" is just not on the secondary menu....anyone got any ideas of how to get that option? I've checked that my Burp Suite Pro is up to date....fraction away from completing the lab and to get held up by a menu option that does not exist.....is------- let you fill in the blanks!!! Thanks in advance for any help/advice

John | Last updated: Dec 31, 2020 05:39PM UTC

Just had to suck it up and count byte deletions. It's a tricky lab in the first place, but when you don't get the choice of entering a value for bytes to delete, you really have to be careful counting the individual bytes deleted. Any miscount/miscalculation you may have to restarted the lab. One good thing is though....I had to do this lab a few times. Those attempts have actually reinforced how to use Burp Suite decoder and repeater. So it really enforces the product learning!!! Quite relieved I've solved that one!!

Ads | Last updated: Dec 04, 2021 01:15AM UTC

Hi there, thanks so much for your post, I have the same problem!! super irritating. Out of interest, how many times did you "Delete Selected Byes"? I did it 8 times (thinking 8 x 4 AKA a nibble = 32), but still get the error Am I missing something? Thanks!!

Mohammed | Last updated: Apr 14, 2022 10:07AM UTC

Hi bro, I had the same issue. I used the older version of Burp that had the delete bytes option.

Ben, PortSwigger Agent | Last updated: Apr 14, 2022 10:16AM UTC