Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum will be discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Centre. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTRE DISCORD

Create new post

Lab: Web cache poisoning via ambiguous requests

buddyki | Last updated: Aug 23, 2023 07:33PM UTC

Hello BurpSuite Support, I think this lab (https://portswigger.net/web-security/host-header/exploiting/lab-host-header-web-cache-poisoning-via-ambiguous-requests) is not working. Even I tried the Solution and that did not work! => It keeps showing X-Cache: miss Can you please help us in troubleshooting this issue. Thanks, Buddyki

Dominyque, PortSwigger Agent | Last updated: Aug 24, 2023 10:26AM UTC

Hi Did you also watch the community solution video we have for that lab?

buddyki | Last updated: Aug 24, 2023 02:23PM UTC

yes,In response, it always shows X-Cache: miss, even if I follow the video every step of the way,

buddyki | Last updated: Aug 24, 2023 02:30PM UTC

and i met the same problem in this lab(Lab: Exploiting HTTP request smuggling to perform web cache deception) GET /resources/js/tracking.js HTTP/2 => Cache-Control: max-age=30 Age: 0 X-Cache: miss Content-Length: 70 always : Age: 0 X-Cache: miss

Dominyque, PortSwigger Agent | Last updated: Aug 25, 2023 07:21AM UTC

Hi We can confirm that the lab is solvable. One of our users created a new lab community solution video. It might prove helpful: https://www.youtube.com/watch?v=jWtw7E0Uefo&list=PLGj3IZkhXGzJB26c3-nCDEOBUUXbjdMR9&index=1

buddyki | Last updated: Aug 25, 2023 12:45PM UTC

ok thanks for your help

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.