Burp community forum

Lab: HTTP request smuggling, basic TE.CL vulnerability

Adnanmig | Last updated: Aug 28, 2019 07:06PM UTC

Hi, when following the solution to this lab, the second request results in a bad request error and not the expected result of the lab. I have tried it with Burp and curl with the same result. Not sure what I am missing. Can you please help? Thanks.

Liam, PortSwigger Agent | Last updated: Aug 29, 2019 01:29PM UTC

The lab works in our testing. Have you tried resetting the lab?

Burp User | Last updated: Sep 01, 2019 04:20PM UTC

Yes, I have reset the lab multiple times but not getting the expected results.

Liam, PortSwigger Agent | Last updated: Sep 02, 2019 02:32PM UTC

The lab and solution work in our testing and other users have completed the lab. Keep trying.

Burp User | Last updated: Oct 29, 2019 01:34AM UTC

Hello Liam, Question. I am unable to submit the solution in the lab for this, and it keeps spamming back 400 Bad Request and also 500 Internal Server Error. I have even used the BApp Store plugin, is it because ... I have done the whole steps including the /r/n/r/n at the end of the request, still no 404. Please advise if this is a lab error, or if it no longer works. I'm almost done and this is blocking completion. How do I reset the lab as well? I have just been waiting for the session time out, and logging out and logging back in. I can email you directly as I have some completion for some Request Smuggling practitioner exercises, but this one just doesn't seem to work. Thank you.

Ben, PortSwigger Agent | Last updated: Oct 29, 2019 10:44AM UTC

Hi Bob, Due to some recent changes in our lab infrastructure, the previously listed solution for the Request Smuggling labs may no longer be correct. While our development team is working on addressing this issue, the following workaround should allow you to progress through the labs as normal. Each request is now required to have a Host header in order to be successfully processed by the lab server (this also means that the lab user needs to work out the new offsets involved). This needs to be applied to any requests issued to the lab in order to bypass this new validation. Please let us know if you need any further assistance.
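
The point above about required Host headers and recomputed offsets, as an added example that is not part of the original thread and not PortSwigger's code: a small checker that flags a request with no Host header, with both Content-Length and Transfer-Encoding, or with a chunk whose hex size no longer matches its data after the body was edited. The function names, the `lab.example` host and the sample requests are constructed, and reading "offsets" as length fields such as chunk sizes is an assumption; the thread does not say how the lab server validates requests.

```python
import re

def split_head_body(raw):
    """Split a raw HTTP/1.1 request into lower-cased headers and the body bytes."""
    head, _, body = raw.partition(b"\r\n\r\n")
    headers = {}
    for line in head.split(b"\r\n")[1:]:          # skip the request line
        name, _, value = line.partition(b":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers, body

def chunks_consistent(body):
    """True only if every declared hex size matches its data and a 0 chunk ends the body."""
    pos = 0
    while True:
        eol = body.find(b"\r\n", pos)
        if eol == -1:
            return False
        token = body[pos:eol].split(b";")[0].strip()   # ignore chunk extensions
        if not re.fullmatch(rb"[0-9A-Fa-f]+", token):
            return False
        size, pos = int(token, 16), eol + 2
        if size == 0:
            return body[pos:pos + 2] == b"\r\n"        # no trailers expected
        if body[pos + size:pos + size + 2] != b"\r\n":
            return False                               # size and data disagree
        pos += size + 2

def check_request(raw):
    """Return the reasons a strict server could answer 400 to this request."""
    headers, body = split_head_body(raw)
    findings = []
    if b"host" not in headers:
        findings.append("missing-host")
    chunked = any(b"chunked" in v.lower() for v in headers.get(b"transfer-encoding", []))
    if chunked and b"content-length" in headers:
        findings.append("cl-te-conflict")
    if chunked and not chunks_consistent(body):
        findings.append("chunk-size-mismatch")
    return findings

def chunk(data):
    return b"%x\r\n" % len(data) + data + b"\r\n"

# Constructed sample requests (not captured traffic).
HEAD = b"POST / HTTP/1.1\r\nHost: lab.example\r\nTransfer-Encoding: chunked\r\n\r\n"
GOOD = HEAD + chunk(b"line-one\r\n") + b"0\r\n\r\n"
# A line was added to the chunk data but the old size "a" (10 bytes) was kept.
STALE = HEAD + b"a\r\nline-one\r\nline-two\r\n\r\n0\r\n\r\n"
NO_HOST = GOOD.replace(b"Host: lab.example\r\n", b"")
AMBIGUOUS = GOOD.replace(b"Transfer-Encoding", b"Content-Length: 3\r\nTransfer-Encoding")
```
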

Ben, PortSwigger Agent | Last updated: Oct 29, 2019 01:39PM UTC

Hi Bob, Just to follow up on the previous message. The development team have been busy working on the Request Smuggling labs today and, to make things simpler for our Web Academy users, they have reverted the labs back to their original settings. This should mean that all of the labs are now solvable using the solutions provided. I have just tried the lab that you have been working on and have confirmed that it is now solvable using the original solution provided. Please try again and let us know if you are now able to successfully solve it. Apologies for the confusion that this may have caused you. Please let us know if you need any further assistance with anything else in the future.
