Burp Suite User Forum

Lab does not solve even if it is correct

Ik | Last updated: Apr 21, 2020 09:40AM UTC

Kindly help me with this, as none of the machines are showing solved.

Michelle, PortSwigger Agent | Last updated: Apr 21, 2020 10:15AM UTC

Could you give us an example of one of the labs that does not show as solved and describe the steps you took to try and solve it? We can then work through the steps and try to help work out why this is happening.

hemanth | Last updated: Apr 27, 2020 11:26AM UTC

Even if the procedure is exactly the same as the solution, the lab still shows as not solved. How is it verified whether the lab was solved or not?

hemanth | Last updated: Apr 27, 2020 11:32AM UTC

I tried to solve "Lab: Web cache poisoning with an unkeyed header". I have found the vuln and poisoned the cache. I have reloaded as the victim and got JavaScript executed. But still the lab remains unsolved. I am a newbie and I apologize if I asked the question without prior understanding of what is to be done. I hope I will get your suggestions. Thanks.

Michelle, PortSwigger Agent | Last updated: Apr 27, 2020 12:10PM UTC

Could you send us a screenshot of the request you are sending to support@portswigger.net, please? We can take a look with you then to help you spot what is happening and why the lab isn't showing as solved.

hemanth | Last updated: Apr 28, 2020 03:52AM UTC

Oh, that worked for me now. But I had to follow the exact solution specified. Thanks for your attention. Can you please tell me where I should ask any doubts regarding labs?

Michelle, PortSwigger Agent | Last updated: Apr 28, 2020 07:25AM UTC

If you have any questions about the labs, you can either email them to support@portswigger.net or post your queries on the forum. Have fun with the rest of the labs!

hemanth | Last updated: Apr 28, 2020 10:11AM UTC

Thanks for the info.

charaf | Last updated: May 30, 2020 05:17PM UTC

Hello guys, I solved challenges like "access control user role can be modified in user profile" and the message "congratulations you've solved" pops up, but when I click continue to the main page it is still not solved. Any idea?

Yakov | Last updated: May 31, 2020 05:17PM UTC

charaf, I have this problem too.

Michelle, PortSwigger Agent | Last updated: Jun 01, 2020 10:30AM UTC

Hi, thanks for letting us know. This should be fixed now, but if you do encounter any further issues, please drop us a line.

Jatin | Last updated: Jun 03, 2020 03:32PM UTC

I am facing the same problem in this lab: "Reflected XSS into HTML context with all tags blocked except custom ones". I have checked my solution many times and it's correct, but the lab is still not solving. Can you please help me with how to solve the lab?

Michelle, PortSwigger Agent | Last updated: Jun 03, 2020 04:15PM UTC

Could you send us some details on what you've tried, please? If it's easier to send screenshots rather than describe the steps you've taken in a forum post then you can email them to support@portswigger.net.

Jatin | Last updated: Jun 04, 2020 11:38AM UTC

Thank you for helping me. I was using an incorrect id, and now I used the correct one and the lab is solved.

Vaishnavi | Last updated: Jul 08, 2021 08:45AM UTC

When I solved the lab, the message "congratulations you've solved" popped up, but when I click continue to the main page it is still not solved. Please help, as I am unable to track my progress.

Michelle, PortSwigger Agent | Last updated: Jul 08, 2021 08:47AM UTC

Thanks for raising this. We are aware of the issue and are currently looking into the cause of the problem. We'll post back here when this has been fixed.

Michelle, PortSwigger Agent | Last updated: Jul 08, 2021 10:21AM UTC

Hi, we just wanted to confirm that the issue with the Web Academy labs is now fixed and labs that are solved from this point onwards will be saved in your account. Unfortunately, this does mean that you will have to redo any labs that were solved whilst this issue was present. We apologize for this inconvenience.

Rohan | Last updated: Aug 25, 2021 04:54PM UTC

My SQLi lab is solved but it is still showing as not solved.

Michelle, PortSwigger Agent | Last updated: Aug 26, 2021 07:37AM UTC

Thanks for your message. Can you confirm which SQL lab you are working on and the steps you have taken to solve it, please?

Afsheen | Last updated: Apr 27, 2022 05:21AM UTC

Even if the procedure is exactly the same as the solution, the lab still shows as not solved. How is it verified whether the lab was solved or not?

Michelle, PortSwigger Agent | Last updated: Apr 27, 2022 07:13AM UTC

Thanks for your message. Which lab are you currently working on? What steps are you taking when you try to solve it? Some of the labs have video solutions from other users in the community. If the lab you're having issues with has a linked video, have you tried following along with the video?

paul | Last updated: Jun 26, 2022 10:41AM UTC

Having same problem with web cache: param cloaking, URL normalization. thx

Ben, PortSwigger Agent | Last updated: Jun 27, 2022 11:17AM UTC

Hi Paul, are you able to provide us with some steps detailing the process that you are using to try and solve the labs that you have mentioned?

Anuj | Last updated: Oct 26, 2022 05:00AM UTC

"Exploiting cross-site scripting to steal cookies": I got the cookie through interactsh-client, and later when I edit the cookie in Burp Community Edition, through Intercept, it is not giving me a solved message. When I edit the cookie through a cookie editor, it is also not giving a solved message. Is it made to work only when I have Burp Professional?

Ben, PortSwigger Agent | Last updated: Oct 26, 2022 11:09AM UTC

Hi Anuj, are you able to provide us with some more details regarding how you have obtained the victim user's cookie? The part of the written solution that deals with obtaining the victim user's cookie will only work using the Burp Collaborator (due to the firewall blocking interactions to other external systems). As the solution notes, however, there is an alternative method of obtaining the cookie that does not rely on using the Collaborator. Once you have the cookie then you should be able to solve the lab by including it in your subsequent request to the home page. Are you sure that you have obtained the cookie from the victim user?

Anuj | Last updated: Nov 04, 2022 11:55PM UTC

Yes, I received the cookie from the victim user. I used interactsh-client on Kali Linux and replaced the Burp Collaborator subdomain with the server details provided by interactsh to get the cookie. I logged in through a different browser but with the same account (*********a@gmail.com) so that a new cookie was assigned, and then I could enter the stolen cookie through Burp Community Edition, but it didn't work. I even used a cookie editor to make sure that the cookie was edited, but it still didn't work. Even though the cookie was changed permanently through the cookie editor, the lab solved message didn't appear.

Ben, PortSwigger Agent | Last updated: Nov 07, 2022 01:38PM UTC

Hi, what do you see in the browser when you alter the cookie and navigate to the 'My account' page? If you have the correct cookie then you should be logged in as the Administrator user (see the screenshot below): https://snipboard.io/derNy4.jpg

Anuj | Last updated: Nov 13, 2022 03:08PM UTC

In the community solution the presenter is working in the same browser and in the same session. How can he get one session cookie when using Burp Collaborator and a different session cookie when he reloads the page? Just reloading the page doesn't change the session cookie. Technically both cookies should be the same.

Ben, PortSwigger Agent | Last updated: Nov 14, 2022 08:34AM UTC

Hi Anuj, in the community solution, the user is posting a blog comment that makes anyone that views the blog issue a POST request containing their cookie to the specified subdomain on the Burp Collaborator public server. There is a 'victim' user set up to automatically view all blog comments after they have been posted. This will, if configured correctly, result in you obtaining the cookie of the 'victim' user (which is obviously different from the cookie that you yourself will obtain when interacting with this lab). The user in the solution then obtains the cookie from their Collaborator client, refreshes the home page (whilst also keeping 'Intercept is on' configured so that they can intercept and manipulate requests before they hit the server) and then alters the cookie being used from their cookie to the cookie of the 'victim' user. The end result is that they have then successfully used the 'victim' user's cookie and have impersonated them, thus giving them access to the 'victim' user's account and solving the lab. As noted earlier (and in the solution itself), there is a firewall in place that will block any interactions between the lab and arbitrary external systems, hence the need to use the Burp Collaborator to obtain the cookie in this approach.
