Research Academy Daily Swig
My account Customers About Blog Careers Legal Contact

Burp Suite User Forum

Login to post

Lab: Modifying serialized data types

Niko | Last updated: Aug 07, 2020 05:21AM UTC

I have a problem with this perticular lab. I've followed the solution as well and still cannot access the admin account. I have a firefox web browser. Pasted in this in the cookies by pressing F12 Tzo0OiJVc2VyIjoyOntzOjg6InVzZXJuYW1lIjtzOjEzOiJhZG1pbmlzdHJhdG9yIjtzOjEyOiJhY2Nlc3NfdG9rZW4iO2k6MDt9 and upated the page but end up with a "Internal Server Error PHP Fatal error: Uncaught Exception: Invalid access token for user administrator in Command line code:7 Stack trace: #0 {main} thrown in /var/www/index.php on line 7" What is it that i'm doing wrong? I have also done it through burp but still the same error message. Thank you in advance! c:

Uthman, PortSwigger Agent | Last updated: Aug 07, 2020 11:50AM UTC

Are you following the instructions in the solution? Have you considered looking at a video tutorial? - https://www.youtube.com/watch?v=l7KCL7vY98k

bigb0ss | Last updated: Aug 15, 2020 05:01PM UTC

Hi There, So I had the same issue and following the instructions from the video suggested by Uthman still did not solve the lab. But I found the way to solve this by specifying the `/admin/delete?username=carlos` in your GET request + supplying the modified cookie value. Hope this helps. :)

susheelps | Last updated: Aug 19, 2020 02:39PM UTC

I am facing the same issue. Setting the right cookie gives the error "PHP Fatal error: Uncaught Exception: Invalid access token for user administrator in Command line code:7 Stack trace: #0 {main} thrown in /var/www/index.php on line 7" The /admin/delete?username=carlos trick dosen't work for me. Still getting the same error.

atomman | Last updated: Aug 21, 2020 03:28AM UTC

I am facing same issue. (Using Chrome). and the trick by @bigb0ss doesn't work for me too!!

Hannah, PortSwigger Agent | Last updated: Aug 21, 2020 02:46PM UTC

We'll look into this further and get back to you with the results.

Hannah, PortSwigger Agent | Last updated: Aug 25, 2020 07:47AM UTC

Could you retry the lab? I've just tested it and it is now functioning as expected.

deamon | Last updated: Sep 09, 2020 06:50PM UTC

Hey, Im facing the same issue as mentioned by the other people above. This error has not seemed to be resolved yet

Hannah, PortSwigger Agent | Last updated: Sep 10, 2020 06:58AM UTC

I've just retested the lab and there is no issue present.

Justin | Last updated: Sep 24, 2020 07:03AM UTC

Facing the same error as previous user. (Followed both the video tutorial by Michael Sommer and answer guide) Internal Server Error PHP Fatal error: Uncaught Exception: Invalid access token for user administrator in Command line code:7 Stack trace: #0 {main} thrown in /var/www/index.php on line 7 Can anyone help me?

Justin | Last updated: Sep 24, 2020 07:03AM UTC

Facing the same error as previous user. (Followed both the video tutorial by Michael Sommer and answer guide) Internal Server Error PHP Fatal error: Uncaught Exception: Invalid access token for user administrator in Command line code:7 Stack trace: #0 {main} thrown in /var/www/index.php on line 7 Can anyone help me?

Hannah, PortSwigger Agent | Last updated: Sep 24, 2020 07:13AM UTC

I've just tested the "Modifying serialized data types" and have not had an issue completing the lab. Could you please retry?

ted | Last updated: Sep 24, 2020 11:49AM UTC

i have the same problem

Hannah, PortSwigger Agent | Last updated: Sep 24, 2020 01:42PM UTC

Hi Ted, could you retry, please? We are looking into what is causing this behavior and hope to have a fix in place soon.

Fabio | Last updated: Feb 22, 2021 01:29AM UTC

i have the same problem

Fabio | Last updated: Feb 22, 2021 01:30AM UTC

my mistake

Fabio | Last updated: Feb 22, 2021 01:33AM UTC

%54%7a%6f%30%4f%69%4a%56%63%32%56%79%49%6a%6f%79%4f%6e%74%7a%4f%6a%67%36%49%6e%56%7a%5a%58%4a%75%59%57%31%6c%49%6a%74%7a%4f%6a%45%7a%4f%69%4a%68%5a%47%31%70%62%6d%6c%7a%64%48%4a%68%64%47%39%79%49%6a%74%7a%4f%6a%45%79%4f%69%4a%68%59%32%4e%6c%63%33%4e%66%64%47%39%72%5a%57%34%69%4f%32%6b%36%4d%44%74%39 Internal Server Error PHP Fatal error: Uncaught Exception: unserialize() failed in /var/www/index.php:4 Stack trace: #0 {main} thrown in /var/www/index.php on line 4 ??

Hannah, PortSwigger Agent | Last updated: Feb 22, 2021 12:34PM UTC

Hi Fabio Is this still for the lab "Modifying serialized data types"? I've just tested that lab, and it is working as expected.

You need to Log in to post a reply. Or register here, for free.