Burp Suite User Forum

Create new post

Using X-Forwarded-host in Web cache poisoning

Keith | Last updated: Dec 01, 2022 09:18PM UTC

I'm currently working on the web cache poisoning with an unkeyed header lab but whenever I put x=forwarded-host in my header I don't receive a response back. I even tested this by sending the header with just ?cb=1234 and the request went thru with a 200 ok response but as soon as I add the X-Forwarded-host into it, I receive nothing, nada. why is this happening

Ben, PortSwigger Agent | Last updated: Dec 02, 2022 08:50AM UTC

Hi Keith, Are you able to provide some details of the steps that you are taking to try and solve this lab so that we can take a look at this for you? It might be easier if you provide some screenshots so that we can see exactly what you are doing - feel free to send us an email at support@portswigger.net and include the screenshots there.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.