The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

Not receiving CSRF token to my Collab link

Edwin | Last updated: May 26, 2024 04:50PM UTC

Hi guys, I'm trying to solve the WSA Lab "Lab: Reflected XSS protected by very strict CSP, with dangling markup attack", and after many attempts I'm realizing that the Lab is not configured to visit *.oastify.com domains. Currently I'm using Burp Pro 2024.4.4, and the only difference I see with the solution's video is that he uses *.burpcollaborator.net and I use *.oastify.net. As a side note, I recently updated Burp Suite Pro to the (at this time) latest version. In the past few days I have solved other labs that require interaction with a Collab instance, but this is the first lab I have tried to solve using this updated version. I followed step by step as in the video, but I cannot go forward after clicking on "Deliver exploit to victim" because I am not receiving the CSRF token needed to craft the CSRF PoC. Any help or suggestion as to why this is not working is really appreciated. Best, Edwin.

Ben, PortSwigger Agent | Last updated: May 27, 2024 08:21AM UTC

Hi Edwin, Some Chrome updates in the recent past have rendered the written solution to this lab invalid. One of our users has come up with the following new approach to solving this particular lab: https://skullhat.github.io/posts/reflected-xss-protected-by-very-strict-csp-with-dangling-markup-attack/

Edwin | Last updated: May 28, 2024 03:04AM UTC

Hi Ben, Thank you for replying. The walkthrough you shared was useful; however, I am facing another issue. Although the csrf-token was exfiltrated and used at the moment of updating the email (PoC), I got an "Invalid CSRF token" response, but in the next request I see the email was updated. The Lab still appears as Not Solved even though I refreshed the page a couple of times. Any idea what I am missing?

* Invalid CSRF token: https://postimg.cc/R39gGmSs
* Email updated: https://postimg.cc/4ntBCnYL
* Lab Not Solved despite the new email change: https://postimg.cc/XXG7n6WD

Ben, PortSwigger Agent | Last updated: May 28, 2024 10:38AM UTC

Hi Edwin, You need to deliver your exploit using the exploit server, as detailed in the solution that I supplied to you. What you are currently doing is altering the email address associated with your own user. The lab will only solve when you have altered the email address of the 'victim' user.

Edwin | Last updated: May 28, 2024 09:10PM UTC