Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Reset lab "Web shell upload via Content-Type restriction bypass"

Gianni | Last updated: Mar 07, 2024 06:10AM UTC

I need the lab "Web shell upload via Content-Type restriction bypass" to be reset. The /home/carlos/secret file was deleted and no longer available to get the solution from.

Dominyque, PortSwigger Agent | Last updated: Mar 07, 2024 08:58AM UTC

Hi Gianni The labs reset themselves after around 20-25 minutes. After this time, you should get a fresh lab instance to attempt to solve again.

Gianni | Last updated: Mar 08, 2024 06:16AM UTC

The lab reset, but in /home/carlos/secrets there are two secret files and no matter how many times I get the solution, it says its wrong. Is there any way to fix this issue?

Dominyque, PortSwigger Agent | Last updated: Mar 08, 2024 08:48AM UTC

Hi Gianni I have just tested the lab, and it seems to be working correctly. Can you please email support@portswigger.net with a screen recording/ screenshots of your attempt at the lab so we can see the exact steps you are taking and can better advise?

Gianni | Last updated: Mar 10, 2024 11:17PM UTC

I appreciate your help! I figured it out. For whatever reason, when I uploaded my payload, it was uploaded twice, and there was two secret files in /home/carlos/secret. When I loaded my payload, it would cat out both files. So I just had to take half the output as the answer.

Dominyque, PortSwigger Agent | Last updated: Mar 11, 2024 11:07AM UTC

Hi Gianni Fantastic! I am glad you were able to solve the lab :)

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.