Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Lab1: Blind SQL injection with conditional errors

Rama | Last updated: May 01, 2023 02:40PM UTC

Hi, I was doing the blind sql lab using the cookies but when i intercept the link on my burp suite community edition, i can't locate the Tracking Id. What would be the problem because all its like my burp isn't getting the Tracking Id despite the website showing 'Welcome back'. Please assist.

Ben, PortSwigger Agent | Last updated: May 02, 2023 06:47AM UTC

Hi, Do you see the TrackingId if you click the 'Home' link in order to refresh the home page within the lab?

Rama | Last updated: May 02, 2023 12:32PM UTC

Hi, I did manage to get the Tracking Id via the inbuilt browser, i think my mistake was that i was using the external browser. The inbuilt browser generated the page as a new session hence not able to generate the Tracking Id. For future reference to anyone who might face the same issue, here are my steps; 1)Open the Burp suit(using community edition) 2)Go to Proxy>Intercept> Open the browser without turning on Intercept 3)Once the page is fully loaded, ensure the 'Welcome Back' signal is on, this confirms cookie has been activated. 4)Go to the Intercept and turn it on, then go back to the browser and refresh the page, you will see tracking Id on the intercept page. Note: I'm using the inbuilt Burp browser but not external browser nor FoxyProxy

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.