The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

Solution for "Lab: SSRF with blacklist-based input filter"

Fabian | Last updated: Mar 30, 2020 08:35AM UTC

Hello, the intended solution of this lab doesn't seem to work. After some testing I couldn't find a way to "enter" the admin area. "Encoding" the IP address works fine, but entering "admin" doesn't work at all. I tried UTF-8 and some others, and after some time I looked up the solution and it doesn't work. Theoretically these should be valid solutions:

- stockApi=http://127.1:8080/%2561dmin -> "Could not connect to external stock check service"
- stockApi=http://127.1:8080/%25%36%31%25%36%34%25%36%64%25%36%39%25%36%65 -> "Could not connect to external stock check service"
- stockApi=http%3A%2F%2F127.1%3A8080%2F%2561dmin -> "Could not connect to external stock check service"

Greetings

Uthman, PortSwigger Agent | Last updated: Mar 30, 2020 09:18AM UTC

Hi Fabian, I have just tested the solution and it works. Do you still have the product parameters from the original stockApi request populated along with the http://127.1/%2561dmin? Please have another go at the lab. Hint: you will need to investigate the response to find out how to delete Carlos. If you still cannot solve the lab, please send screenshots of the request you are sending and the Response tab in Repeater to support@portswigger.net.

Fabian | Last updated: Mar 31, 2020 11:40AM UTC

Hello, well, I have just seen my mistake... It works as intended; I forgot to remove the port number. Well, sometimes you can't see the obvious. Thanks.
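The bypass discussed in this thread works because a blacklist compares the raw, undecoded strings while the back end decodes the path once more and accepts shorthand IPv4 forms such as 127.1. The following is an added example (not code from the lab, the forum, or PortSwigger) that puts a constructed blocklist check beside a canonicalising allowlist check; the blocked words, the allowlisted host `stock.example`, and the five-round decode limit are assumptions for the illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit, unquote

# Constructed blocklist modelled on the lab description: the literal loopback
# address and the word "admin" in the path are denied, nothing else.
BLOCKED_HOSTS = {"127.0.0.1", "localhost"}
BLOCKED_PATH_WORDS = {"admin"}
# Constructed allowlist for the hardened check (hypothetical upstream host).
ALLOWED_HOSTS = {"stock.example"}

def naive_blocklist_allows(url: str) -> bool:
    """Vulnerable check: compares the raw, undecoded strings exactly once."""
    parts = urlsplit(url)
    if (parts.hostname or "") in BLOCKED_HOSTS:
        return False
    return not any(word in parts.path.lower() for word in BLOCKED_PATH_WORDS)

def canonicalise(url: str) -> tuple[str, str]:
    """Return (host, path) after repeated percent-decoding and IPv4 normalisation.

    Decoding repeats until the string stops changing, so %2561dmin -> admin, and
    shorthand IPv4 literals such as 127.1 are expanded with inet_aton, which
    performs no DNS lookup or network access.
    """
    decoded = url
    for _ in range(5):  # bounded so a pathological input cannot loop forever
        again = unquote(decoded)
        if again == decoded:
            break
        decoded = again
    parts = urlsplit(decoded)
    host = parts.hostname or ""
    try:
        host = str(ipaddress.IPv4Address(socket.inet_aton(host)))
    except (OSError, ValueError):
        pass  # not an IPv4 literal in any form; keep the name as given
    return host, parts.path.lower()

def hardened_allows(url: str) -> bool:
    """Allowlist check on the canonical form: known hosts only, never loopback/private."""
    host, _path = canonicalise(url)
    try:
        addr = ipaddress.ip_address(host)
        if addr.is_loopback or addr.is_private:
            return False
    except ValueError:
        pass  # a hostname rather than an IP literal; fall through to the allowlist
    return host in ALLOWED_HOSTS
```

The point for a defender is that the decision must be taken on the same canonical form the downstream client will use, and on an allowlist rather than a list of forbidden strings.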

Uthman, PortSwigger Agent | Last updated: Mar 31, 2020 12:08PM UTC