Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Reset lab "Web shell upload via Content-Type restriction bypass"

Gianni | Last updated: Mar 07, 2024 06:10AM UTC

I need the lab "Web shell upload via Content-Type restriction bypass" to be reset. The /home/carlos/secret file was deleted and no longer available to get the solution from.

Dominyque, PortSwigger Agent | Last updated: Mar 07, 2024 08:58AM UTC

Hi Gianni The labs reset themselves after around 20-25 minutes. After this time, you should get a fresh lab instance to attempt to solve again.

Gianni | Last updated: Mar 08, 2024 06:16AM UTC

The lab reset, but in /home/carlos/secrets there are two secret files and no matter how many times I get the solution, it says its wrong. Is there any way to fix this issue?

Dominyque, PortSwigger Agent | Last updated: Mar 08, 2024 08:48AM UTC

Hi Gianni I have just tested the lab, and it seems to be working correctly. Can you please email support@portswigger.net with a screen recording/ screenshots of your attempt at the lab so we can see the exact steps you are taking and can better advise?

Gianni | Last updated: Mar 10, 2024 11:17PM UTC

I appreciate your help! I figured it out. For whatever reason, when I uploaded my payload, it was uploaded twice, and there was two secret files in /home/carlos/secret. When I loaded my payload, it would cat out both files. So I just had to take half the output as the answer.

Dominyque, PortSwigger Agent | Last updated: Mar 11, 2024 11:07AM UTC