Burp Suite User Forum

Create new post


Torture | Last updated: Jul 10, 2024 01:42PM UTC

I've seen on yt videos that if u sent a request in repeater then it will solve the lab. But when i sent a request in repeater it isn't showing the lab is solved

sssss | Last updated: Jul 10, 2024 03:59PM UTC

Could you provide a little bit more context ?

Ben, PortSwigger Agent | Last updated: Jul 10, 2024 04:46PM UTC

Hi, Are you able to clarify which particular lab you are referring to so that we can assist you further with this?

Torture | Last updated: Jul 11, 2024 07:55AM UTC

I was doing the lab Basic SSRF against another back-end system and i had some doubts in that so i saw a video of it. In that the guy doing it intercepted the request and sent it to repeater then he used intruder to do the payload and find the admin ip. Then he entered the admin ip and clicked sent button in repeater and it showed lab solved. But when i clicked the sent button in repeater it didn't show lab solved instead i had to go the proxy and change that to admin ip to complete the lab. I hope you guys understood what Iam saying.

Ben, PortSwigger Agent | Last updated: Jul 11, 2024 08:40AM UTC

Hi, In the final step of the written solution, the value of the stockAPI parameter should be altered to http://192.168.0.<numberFoundInIntruder>:8080/admin/delete?username=carlos. Is this what you are referring to? If not, are you able to provide us with some screenshots so that we can see this more clearly (if it is easier, you can email us at support@portswigger.net and include the screenshots directly there).

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.