Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Lab: Infinite money logic flaw doesn't get the gift card from the macro

bruno | Last updated: Jul 02, 2022 12:32AM UTC

Hello! I've been trying to solve the lab "Lab: Infinite money logic flaw" but I can't pass the 'test macro' part. What happens is: it runs the macro but doesn't get the gift card code from the request before. I followed all instructions that I saw. "Name the parameter gift-card and highlight the gift card code at the bottom of the response. Click "OK" twice to go back to the Macro Editor." I did this, and looks like that is allright, but still not work when I try

bruno | Last updated: Jul 02, 2022 02:37PM UTC

Update: I tried with another computer and it worked fine since the first try. I believe that something was wrong with my cache

Michelle, PortSwigger Agent | Last updated: Jul 04, 2022 07:50AM UTC

Thanks for letting us know :)

debrasteed | Last updated: May 24, 2023 11:36AM UTC

Hello! I'd be happy to help you with the lab "Infinite money logic flaw." It seems like you're experiencing some trouble with the 'test macro' part, specifically with retrieving the gift card code from the request. Based on the information you provided, it appears that you have correctly named the parameter as "gift-card" and highlighted the gift card code at the bottom of the response. However, it's not working as expected when you run the macro. Here are a few suggestions to troubleshoot the issue: Double-check your parameter name: Ensure that you have named the parameter as "gift-card" exactly as instructed. Even a small difference in capitalization or spacing can cause the macro to fail. Verify the response format: Make sure that the gift card code in the response is in a format that matches your selection. For example, if you highlighted a specific code format (e.g., XXXX-XXXX-XXXX), ensure that the response contains a code in that exact format. Check for dynamic content: If the gift card code is dynamically generated and changes with each request, the macro may not be able to capture it correctly. In such cases, you might need to use a different approach to extract the code, such as using regular expressions or other techniques. Test the macro step by step: Instead of running the entire macro, try executing each step individually to identify which step is causing the issue. This way, you can isolate the problem and focus on troubleshooting that specific step. Review the macro settings: Double-check the settings of your macro, such as the target URL, HTTP method, request headers, and other relevant configurations. Ensure that they match the requirements of the lab exercise. If you've tried these steps and are still unable to resolve the issue, please provide me with more details about the specific instructions or any error messages you encounter during the lab. I'll do my best to assist you further! This is just in case clearing the cache

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.