Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Lab: Web cache poisoning via ambiguous requests

buddyki | Last updated: Aug 23, 2023 07:33PM UTC

Hello BurpSuite Support, I think this lab (https://portswigger.net/web-security/host-header/exploiting/lab-host-header-web-cache-poisoning-via-ambiguous-requests) is not working. Even I tried the Solution and that did not work! => It keeps showing X-Cache: miss Can you please help us in troubleshooting this issue. Thanks, Buddyki

Dominyque, PortSwigger Agent | Last updated: Aug 24, 2023 10:26AM UTC

Hi Did you also watch the community solution video we have for that lab?

buddyki | Last updated: Aug 24, 2023 02:23PM UTC

yes,In response, it always shows X-Cache: miss, even if I follow the video every step of the way,

buddyki | Last updated: Aug 24, 2023 02:30PM UTC

and i met the same problem in this lab(Lab: Exploiting HTTP request smuggling to perform web cache deception) GET /resources/js/tracking.js HTTP/2 => Cache-Control: max-age=30 Age: 0 X-Cache: miss Content-Length: 70 always : Age: 0 X-Cache: miss

Dominyque, PortSwigger Agent | Last updated: Aug 25, 2023 07:21AM UTC

Hi We can confirm that the lab is solvable. One of our users created a new lab community solution video. It might prove helpful: https://www.youtube.com/watch?v=jWtw7E0Uefo&list=PLGj3IZkhXGzJB26c3-nCDEOBUUXbjdMR9&index=1

buddyki | Last updated: Aug 25, 2023 12:45PM UTC