Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Lab: HTTP request smuggling, basic CL.TE vulnerability

pin | Last updated: May 25, 2023 08:44PM UTC

I can't solve lab tried many times, help here is the code - POST / HTTP/1.1 Host: 0a90006303d9bbc387c5700800820036.web-security-academy.net Content-Type: application/x-www-form-urlencoded Content-Length: 6 Transfer-Encoding: chunked 0 G

Dominyque, PortSwigger Agent | Last updated: May 26, 2023 01:28PM UTC

Hi We have trialed the lab and can confirm it works as it should. Have you tried watching our community solution videos? They will give you step-by-step guidance on this lab.

P1N | Last updated: May 28, 2023 08:47PM UTC

I tried, I attached the code, I've been trying to solve everything for 2 days and watched the video and the usual solution, in no way

Ben, PortSwigger Agent | Last updated: May 29, 2023 09:47AM UTC

Hi, Have you specifically changed the Protocol being used to HTTP/1.1 within the Inspector panel? Are you ablet to provide us with a screenshot of what you see in the Request and Response windows after you have sent your malicious request two times?

P1N | Last updated: May 30, 2023 04:41PM UTC

how can I send a screenshot, there is no such function??Yes, I specifically changed it to 1.1 http, according to the assignment, it's necessary POST / HTTP/1.1\r\n Host: 0a3500f90359495b811ec02e002700bc.web-security-academy.net\r\n Connection: keep-alive\r\n Content-Type: application/x-www-form-urlencoded\r\n Content-Length: 6\r\n Transfer-Encoding: chunked\r\n \r\n 0\r\n \r\n G

Dominyque, PortSwigger Agent | Last updated: May 31, 2023 06:51AM UTC