Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

The "CORS vulnerability with basic origin reflection" lab seems broken

SecurityTester-00 | Last updated: Feb 22, 2023 03:51PM UTC

Hello! Is the "CORS vulnerability with basic origin reflection" lab currently working? I have tried many variations of the solution and none of them successfully complete the lab

Ben, PortSwigger Agent | Last updated: Feb 22, 2023 04:57PM UTC

Hi Yazan, I have just run through this lab and been able to solve it using the solution so it does appear to be working as expected. Are you able to share with us the details of the script that you have configured in the Exploit Server so that we can take a look at this for you? If you would like to send us a screenshot directly then please feel free to email us at support@portswigger.net and we can take a look from there (alternatively you could use a screenshot hosting service and add the the link to this forum thread).

SecurityTester-00 | Last updated: Feb 22, 2023 07:42PM UTC

Hey Ben! Here is a couple of screenshots. I used the snippet from step 5 and added it to the exploit response body and updated the lab id as directed. Did you do any additional steps to successfully complete the lab? Lab URL: https://0acd003403c99f48c303aa2b0000002d.web-security-academy.net/ Exploit Server URL: https://exploit-0adf00ba03cf9f72c349a9d3018c00db.exploit-server.net/ Screenshots: https://imgur.com/a/HxXMBR7

Ben, PortSwigger Agent | Last updated: Feb 23, 2023 09:04AM UTC