Lab: Information disclosure in error messages

APPRENTICE

This lab's verbose error messages reveal that it is using a vulnerable version of a third-party framework. To solve the lab, obtain and submit the version number of this framework.

Access the lab

Solution

With Burp running, open one of the product pages.
In Burp, go to "Proxy" > "HTTP history" and notice that the GET request for product pages contains a productID parameter. Send the GET /product?productId=1 request to Burp Repeater. Note that your productId might be different depending on which product page you loaded.
In Burp Repeater, change the value of the productId parameter to a non-integer data type, such as a string. Send the request.
GET /product?productId="example"
The unexpected data type causes an exception, and a full stack trace is displayed in the response. This reveals that the lab is using Apache Struts 2 2.3.31.
Go back to the lab, click "Submit solution", and enter 2 2.3.31 to solve the lab.

Want to track your progress and have a more personalized learning experience? (It's free!)

In this topic

Information disclosure Find and exploit information disclosure

All topics

SQL injection XSS CSRF Clickjacking DOM-based CORS XXE SSRF Request smuggling Command injection Server-side template injection Insecure deserialization Directory traversal Access control Authentication Business logic vulnerabilities Web cache poisoning WebSockets Information disclosure

Lab: Information disclosure in error messages

Solution

In this topic

All topics

Find information disclosure vulnerabilities using Burp Suite