Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Lab: Web cache poisoning via HTTP/2 request tunnelling

Luca | Last updated: Mar 29, 2022 10:21PM UTC

The official solution for this lab does not mention that you need to create a second :path pseudo-header - I realised this in a solution published on youtube. I am not sure why, but if I manipulate the original :path pseudo-header, I do not get the expected responses and I cannot solve the lab. Can anybody confirm this and provide an explanation? Cheers.

Liam, PortSwigger Agent | Last updated: Mar 30, 2022 06:52AM UTC

The provided solutions are not designed to provide walk-throughs for our labs. We hope that they provide enough information to help users find a way to complete the task.

Luca | Last updated: Mar 30, 2022 01:32PM UTC

I didn't mean to criticise or report this as a real bug (but I had to choose a category). however I am not sure why a second :path is needed and what difference there is in the way it is processed, I would like to understand that.

Liam, PortSwigger Agent | Last updated: Mar 30, 2022 05:31PM UTC

I find that Michael Sommer usually explains his process on the labs very well: - https://www.youtube.com/watch?v=w3oep2YR4oI

Luca | Last updated: Mar 30, 2022 08:29PM UTC

That is a different lab (and the last comment is mine). I'll try to do the http 2 tunnelling lab again and understand myself.

nihal | Last updated: May 16, 2022 05:15AM UTC

content length matching ,why, i can't understan,

Ben, PortSwigger Agent | Last updated: May 16, 2022 07:10AM UTC

Hi Nihal, Are you able to provide us with more information regarding the issues that you are currently facing so that we can assist you further with this?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.