25.2 Lab: Web cache poisoning with an unkeyed cookie



Karthikeyan Nagaraj

This lab is vulnerable to web cache poisoning because cookies aren’t included in the cache key. An unsuspecting user regularly visits the site’s home page. To solve this lab, poison the cache with a response that executes alert(1) in the visitor's browser.

1. With Burp running, load the website’s home page.
2. In Burp, go to “Proxy” > “HTTP history” and study the requests and responses that you generated. Notice that the first response contains a cookie fehost=prod-cache-01.
3. Send this request to Burp Repeater.
4. Place a suitable XSS payload in the fehost cookie, for example:
   fehost=someString"-alert(1)-"someString
5. Resend the request until you see the payload in the response and X-Cache: hit in the headers.
6. Once you get the hit, right-click the response, click “Show response in browser”, then load the URL in the browser and confirm the alert() fires to solve the lab.
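Why the steps above work, and what closes the hole, as an added example that is not part of the original write-up or the lab's code. It simulates a toy origin and cache in memory; the shape of the reflected script, the Cache class and all function names are assumptions made for illustration.

```python
import json

def origin_render(cookies, encode=False):
    """Toy origin (assumed shape): reflects the fehost cookie into an inline script."""
    host = cookies.get("fehost", "prod-cache-01")
    if encode:
        # Hardened: emit a real JS string literal; escape "<" so the value
        # cannot close the string or the surrounding script block.
        value = json.dumps(host).replace("<", "\\u003c")
    else:
        # Vulnerable: raw concatenation, a quote in the cookie ends the string.
        value = '"' + host + '"'
    return "<script>data = {host: " + value + "}</script>"

class Cache:
    """Toy cache. key_cookies lists the cookie names that are part of the cache key."""
    def __init__(self, key_cookies=()):
        self.key_cookies = tuple(key_cookies)
        self.store = {}

    def key(self, path, cookies):
        # Anything not in the key is "unkeyed": requests that differ only
        # in that input share one cached response.
        return (path,) + tuple(cookies.get(n, "") for n in self.key_cookies)

    def fetch(self, path, cookies, render):
        k = self.key(path, cookies)
        if k in self.store:
            return self.store[k], "hit"
        body = render(cookies)
        self.store[k] = body
        return body, "miss"

def simulate(cache, render):
    """One request with the crafted cookie, then an ordinary visitor's request."""
    crafted = {"fehost": 'someString"-alert(1)-"someString'}  # value from the write-up
    cache.fetch("/", crafted, render)
    return cache.fetch("/", {"fehost": "prod-cache-01"}, render)

if __name__ == "__main__":
    runs = {
        "unkeyed cookie, raw reflection": (Cache(), origin_render),
        "cookie in cache key": (Cache(key_cookies=("fehost",)), origin_render),
        "unkeyed cookie, encoded output": (Cache(), lambda c: origin_render(c, encode=True)),
    }
    for label, (cache, render) in runs.items():
        body, status = simulate(cache, render)
        print(f"{label}: X-Cache={status}\n  {body}")
```

Encoding the output makes the cached value inert but the visitor still receives another client's cookie value, so keying the cookie (or not caching responses that depend on it) is the fix for the cache itself.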


Thank you for Reading!

Happy Ethical Hacking ~

Author: Karthikeyan Nagaraj ~ Cyberw1ng
