Closed superboy-zjc closed 3 years ago
portswigger LAB:https://portswigger.net/web-security/web-cache-poisoning/exploiting-implementation-flaws/lab-web-cache-poisoning-unkeyed-query
My Setting: Obvious result: But no report。 plugin version: V1.27, burpsuite pro: 2012.2
That request is not a parameter bruteforce probe, it's param-miner identifying how many params it can put in one request before the server gets upset
portswigger LAB:https://portswigger.net/web-security/web-cache-poisoning/exploiting-implementation-flaws/lab-web-cache-poisoning-unkeyed-query
My Setting: Obvious result: But no report。 plugin version: V1.27, burpsuite pro: 2012.2