Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Lab: Web cache poisoning via ambiguous requests

buddyki | Last updated: Aug 23, 2023 07:33PM UTC

Hello BurpSuite Support, I think this lab (https://portswigger.net/web-security/host-header/exploiting/lab-host-header-web-cache-poisoning-via-ambiguous-requests) is not working. Even I tried the Solution and that did not work! => It keeps showing X-Cache: miss Can you please help us in troubleshooting this issue. Thanks, Buddyki

Dominyque, PortSwigger Agent | Last updated: Aug 24, 2023 10:26AM UTC

Hi Did you also watch the community solution video we have for that lab?

buddyki | Last updated: Aug 24, 2023 02:23PM UTC

yes,In response, it always shows X-Cache: miss, even if I follow the video every step of the way,

buddyki | Last updated: Aug 24, 2023 02:30PM UTC

and i met the same problem in this lab(Lab: Exploiting HTTP request smuggling to perform web cache deception) GET /resources/js/tracking.js HTTP/2 => Cache-Control: max-age=30 Age: 0 X-Cache: miss Content-Length: 70 always : Age: 0 X-Cache: miss

Dominyque, PortSwigger Agent | Last updated: Aug 25, 2023 07:21AM UTC

Hi We can confirm that the lab is solvable. One of our users created a new lab community solution video. It might prove helpful: https://www.youtube.com/watch?v=jWtw7E0Uefo&list=PLGj3IZkhXGzJB26c3-nCDEOBUUXbjdMR9&index=1

buddyki | Last updated: Aug 25, 2023 12:45PM UTC

ok thanks for your help

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.