Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Web Cache Poisoning X-Forwarded-Host

Simon | Last updated: Apr 12, 2020 09:00PM UTC

Hi, I am attempting the "Web cache poisoning with an unkeyed header" lab. I am not receiving a response in the Repeater when I add the X-Forwarded-Host (example.com). However, I receive a response as normal with or without the cache buster. I have repeatedly read all the Port Swigger "Support" material and reconfigured my browsers. However, I cannot seem to put my finger on what the issue could be. Could I have misconfigured something? Thank you.

Muhammad | Last updated: Aug 21, 2020 03:19PM UTC

Yes, I am facing the same problem.

Michelle, PortSwigger Agent | Last updated: Aug 24, 2020 08:35AM UTC

Hi Are you getting no response at all to your request sent via Repeater or do you get a request that always says 'miss'?

Matabufalez | Last updated: Nov 15, 2020 02:52PM UTC

I guess this is old but I'm facing the same problem. Same with the "Web cache poisoning with multiple headers" lab. I just get no response at all. Not even a "miss".

Ben, PortSwigger Agent | Last updated: Nov 16, 2020 10:37AM UTC

Hi, Have you checked out the video solution for this lab, made by one of our users, to see if you are on the right track: https://www.youtube.com/watch?v=cbp7M1Mj5ts

Lara | Last updated: Jun 23, 2022 06:39AM UTC

Hi! Same issue: whenever I try to add any X-Forwarded-... header to a request, a blank response is returned after a long waiting time.

Ben, PortSwigger Agent | Last updated: Jun 23, 2022 07:05AM UTC

Hi Lara, Firstly, are you able to confirm which lab(s) you are having issues with? Secondly, are you able to share with us any details of the steps you are taking to try and solve the lab(s) and what the troublesome request looks like?

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.