Burp Suite User Forum


Username enumeration via response timing

Roycerolls | Last updated: Oct 08, 2021 12:31PM UTC

In the final step of the lab, I am not getting the 302 response in the practical lab. Is there anything I am missing?

On the "Payloads" tab, add the list of numbers in payload set 1 and add the list of passwords to payload set 2. Start the attack. When the attack is finished, find the response with a 302 status. Make a note of this password.

James, PortSwigger Agent | Last updated: Oct 08, 2021 01:18PM UTC

Hello, Thanks for getting in touch. I have just checked the lab and was able to solve it successfully. Please follow the below step-by-step video guide to check your steps: https://www.youtube.com/watch?v=RO5Wo5jjbWE Let me know if you need any further assistance.

Lee | Last updated: Nov 06, 2021 02:23AM UTC

I think something is wrong with the practical lab. Even if I directly input the username: arizona and password: robert into the login, I still got the error message "invalid username/password".

James, PortSwigger Agent | Last updated: Nov 09, 2021 09:13AM UTC

Hi Lee, Have you checked the video I linked above to check the steps?

Mir | Last updated: Aug 20, 2022 03:33PM UTC

Hi Team, I am facing the same issue of not getting a 302 HTTP response code while brute-forcing the password. I have checked the highlighted video above as well, along with similar solutions on YouTube, but none of them solved my issue. I have spent around 4 hours on this and my technical steps look fine. I feel there is some problem with this lab which the PortSwigger team needs to look into. Lab: Username enumeration via response timing

Ben, PortSwigger Agent | Last updated: Aug 22, 2022 07:08AM UTC

Hi Hassan, I have just run through this lab and been able to solve it using the solution provided so it does appear to be working as expected. Are you able to share some specific details of how you are trying to solve this lab so that we can take a look? It might be useful to see how you have set up the Intruder attacks that you are running in Step 10 and Step 14 so that we can see exactly what you are doing. If it is easier to provide this information via email (in terms of supplying screenshots) then please feel free to send us an email at support@portswigger.net.

Jules | Last updated: Jan 22, 2023 10:52PM UTC

Hi, maybe some 'smart' guy around is messing with the lab. I'm facing the same issue as previously reported; it seems it is not possible to solve the last step.

Ben, PortSwigger Agent | Last updated: Jan 23, 2023 09:24AM UTC

Hi Jules, Just to confirm, the lab instance that you obtain will be unique to you so unless you share your unique URL no one will be working on the same lab instance as you (essentially, each lab instance will be generated from a base configuration). I have just run through this lab and been able to solve it using the solution provided so it does appear to be working as expected. Are you able to share some detailed steps of how you are attempting to solve this lab so that we can take a look at this for you? If you want to email us with some screenshots then please feel free to do so via the support@portswigger.net email address.

Yann | Last updated: Mar 05, 2024 04:58PM UTC

Hi guys :) Need a bit of help with this lab. I followed the given steps in the tutorial & video, and I succeeded in getting my username, but I can't get a 302 response with the password payload... Can anyone help? Here is the request I used with Burp Suite (the process worked well for the username):

POST /login HTTP/2
Host: 0a71006c03b8f2ce810a7a90008c0066.web-security-academy.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:123.0) Gecko/20100101 Firefox/123.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 25
Origin: https://0a71006c03b8f2ce810a7a90008c0066.web-security-academy.net/
DNT: 1
Sec-GPC: 1
Connection: keep-alive
Referer: https://0a71006c03b8f2ce810a7a90008c0066.web-security-academy.net/login
Cookie: session=0DHyqd70dJAvWSSIKZBJe5swrqu4Tj9I
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1

POST /login HTTP/2
Host: 0a71006c03b8f2ce810a7a90008c0066.web-security-academy.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:123.0) Gecko/20100101 Firefox/123.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 25
Origin: https://0a71006c03b8f2ce810a7a90008c0066.web-security-academy.net
DNT: 1
Sec-GPC: 1
Connection: keep-alive
Referer: https://0a71006c03b8f2ce810a7a90008c0066.web-security-academy.net/login
Cookie: session=0DHyqd70dJAvWSSIKZBJe5swrqu4Tj9I
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1
TE: trailers

username=pi&password=§pwd§

Ben, PortSwigger Agent | Last updated: Mar 06, 2024 11:21AM UTC

Hi Yann, Are you using Burp Professional or Burp Community when you carry out this lab?
