Research Academy
My account Customers About Blog Careers Legal Contact Resellers
The Burp Suite User Forum was discontinued on the 1st November 2024.

Burp Suite User Forum

For support requests, go to the Support Center. To discuss with other Burp users, head to our Discord page.

SUPPORT CENTER DISCORD

Web Security Academy -> Insecure deserialization -> Some labs don't work

martinez | Last updated: Mar 03, 2021 09:08AM UTC

Hello, I'm just in the middle of your great academy and I found out that some labs in the insecure deserialization part doesn't work. Specifically: Lab: Using application functionality to exploit insecure deserialization Lab: Modifying serialized data types Lab: Arbitrary object injection in PHP Lab: Exploiting Java deserialization with Apache Commons Lab: Exploiting PHP deserialization with a pre-built gadget chain Lab: Exploiting Ruby deserialization using a documented gadget chain Lab: Developing a custom gadget chain for Java deserialization Lab: Developing a custom gadget chain for PHP deserialization Lab: Using PHAR deserialization to deploy a custom gadget chain I always get redirected to the https://portswigger.net/error page.

Ben, PortSwigger Agent | Last updated: Mar 03, 2021 10:49AM UTC

Hi, We experienced an issue that meant the Web Academy labs were not available to our users. The issue should now be fixed and all of the labs should now be available.

alvinoo | Last updated: Mar 09, 2023 06:04AM UTC

When I was editing the cookie, it shows: Input byte array has incorrect ending byte at 80

Ben, PortSwigger Agent | Last updated: Mar 09, 2023 11:16AM UTC