Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

the lab: Targeted web cache poisoning using an unknown header

Karim | Last updated: Mar 12, 2022 02:49PM UTC

Hello, im trying to solve the lab: "Targeted web cache poisoning using an unknown header" but for some reason it doesn't get solved i tried to solve it with intended way with the exploit server it didn't get solved and i tried to inject the alert(document.cookie) in the x-host header directly and it didn't work too im facing this problem for a couple of days now the lab doesn't wanna get solved !!

Alex, PortSwigger Agent | Last updated: Mar 14, 2022 09:25AM UTC

Hi, Thanks for getting in touch to report this issue. We have been able to replicate the problem here and have identified an issue in this particular lab. This has been raised with the Academy team and they are investigating the cause of the problem. We'll update this thread once we have an update. Thanks

Ignacio | Last updated: Mar 14, 2022 08:48PM UTC

Hello, I'm facing the same issue. For some reason I can't get a 'X-Cache: hit' in this lab.

Ignacio | Last updated: Mar 14, 2022 09:57PM UTC

I could finally solve it after disabling the Param Miner extension. It seems that it was adding a cache buster which I wasn't able to see in the repeater.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.