Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Lab: Web cache poisoning via an unkeyed query string

Dario | Last updated: Apr 20, 2024 08:23AM UTC

Hi, I have tried repeatedly to do this lab with no results. My problem is that whatever request I send the X-Cache always responds to me Miss. Either from the opriginal request to the home, adding a cachebuster payload, copying the solution, using the Origin header or manipulating other existing headers like Accept-Encoding. Whether in http 1.1 or http2, the answer will always be this : Cache-Control: max-age=35 Age: 0 X-Cache: miss Can you please give me support?

Dario | Last updated: Apr 20, 2024 12:55PM UTC

and the same issue with "Web cache poisoning via an unkeyed query parameter", I can't hit anything in the cache

Dario | Last updated: Apr 20, 2024 01:46PM UTC

and the same with "Lab: Parameter cloaking" as well. Studying is impossibile :( :( :( please help me

Ben, PortSwigger Agent | Last updated: Apr 22, 2024 08:01AM UTC

Hi Dario, Are you able to email us at support@portswigger.net and include some screenshots of exactly what you are sending and what you are seeing in the response?

Dario | Last updated: Apr 22, 2024 09:48AM UTC

Sure, I'm done

Ben, PortSwigger Agent | Last updated: Apr 22, 2024 09:58AM UTC