Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

web cache poisoning labs with X-Forwarded-Host header and 504 Gateway timeout

sunny | Last updated: Sep 21, 2020 04:34PM UTC

Hi, I'm having issues with most labs on web cache poisoning. Basically, as I add the X-Forwarded-Host header, inevitably I get the 504 Gateway timeout error. I have checked the solution of Michael Sommer on youtube to confirm I wasn't doing something completely different and I have tried the labs in different occasions across several days. It seems there is something weird with the labs as this header triggers the issue every time. I also saw other people complaining about the same but no public solution that I could find. Perhaps you can provide some guidance? thank you so much!

Michelle, PortSwigger Agent | Last updated: Sep 22, 2020 01:06PM UTC

Thanks for raising this with us. I've spoken to our Web Academy Team and this is fixed now. If you do have any further issues, please let us know. Enjoy the labs!

sunny | Last updated: Sep 25, 2020 01:52PM UTC

Hi Michelle, thank you for following up. I finally had the opportunity to test and I still see issues: now I don't get the gateway timeout message anymore, the request simply "hangs". Once I remove the header X-Forwarded-Host all goes back to normal. Could you please check once again? Thank you so much!

Michelle, PortSwigger Agent | Last updated: Sep 25, 2020 03:45PM UTC

How many lines do you see after the last row of text for the header if you look at the request in the raw tab?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.