Klaudia (@vidocsecurity)
May 17, 7 tweets
How we, @vidocsecurity, bypass 401 and 403 responses - practical tips for fellow #bugbounty hunters <thread>
Try fuzzing the HTTP method and the User-Agent; you would be surprised how often simply changing the User-Agent to e.g. a mobile-specific client worked.
Play with forwarded/referer-type headers and their values. Try different variants, and fuzz common custom headers that follow this pattern with different formats of localhost or a custom IP address.
Try path fuzzing with creative string literals, and downgrade the HTTP version.
Learn as much as you can about the target technology. Good recon is key, and there are technology-specific quirks, e.g. Spring in some older versions has specific behaviour related to useSuffixPatternMatch: if set to true (the default), /admin would also match /admin[.].*
When nothing works, try less common techniques such as exploiting hop-by-hop headers - this is my favorite method, and I will write a separate thread about it. More about this technique can be found in our article: vidocsecurity.com/blog/401-and-4…
A list of payloads for fuzzing is available in our Module Library - you can use them to automate the work with Vidoc Research. Method/header fuzzing: app.vidocsecurity.com/public-library… and path fuzzing: app.vidocsecurity.com/public-library…
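From the defender's side, each of the tricks above leaves a trace in the reverse-proxy or application access log: a forwarding header that claims a loopback or private address but arrives from an untrusted source, a downgraded HTTP version, a suffix variant of a protected route (the Spring useSuffixPatternMatch case), and the tell-tale sequence of 401/403 responses followed by a 200 for the same normalized path from the same client. The script below is an added detection example, not code from the thread or from Vidoc; the JSON log lines are constructed for this example and the field names (client, method, path, proto, status, ua, xff), the protected prefix /admin and the trusted-proxy range 10.0.0.0/8 are all assumptions to adapt to your own environment.

```python
import ipaddress
import json
from collections import defaultdict

# Constructed sample access log (JSON lines) for this example; not taken from
# any real system. Field names are an assumption: adapt the parser to your
# proxy's real log format.
SAMPLE_LOG = """
{"client": "203.0.113.7", "method": "GET", "path": "/admin", "proto": "HTTP/1.1", "status": 403, "ua": "Mozilla/5.0", "xff": null}
{"client": "203.0.113.7", "method": "GET", "path": "/admin", "proto": "HTTP/1.1", "status": 403, "ua": "Mozilla/5.0", "xff": "127.0.0.1"}
{"client": "203.0.113.7", "method": "GET", "path": "/admin.json", "proto": "HTTP/1.1", "status": 200, "ua": "Mozilla/5.0", "xff": null}
{"client": "203.0.113.7", "method": "GET", "path": "/admin", "proto": "HTTP/1.0", "status": 403, "ua": "Mozilla/5.0", "xff": null}
{"client": "198.51.100.2", "method": "GET", "path": "/admin", "proto": "HTTP/1.1", "status": 401, "ua": "Mozilla/5.0", "xff": null}
{"client": "198.51.100.2", "method": "GET", "path": "/admin", "proto": "HTTP/1.1", "status": 200, "ua": "okhttp/4.9 (Android)", "xff": null}
{"client": "192.0.2.9", "method": "GET", "path": "/public", "proto": "HTTP/1.1", "status": 200, "ua": "Mozilla/5.0", "xff": null}
"""

# Assumptions for this example: which routes are access-controlled, and the
# only network from which a forwarding header (X-Forwarded-For style) is
# legitimately set by our own proxy tier.
PROTECTED_PREFIXES = ("/admin",)
TRUSTED_PROXIES = (ipaddress.ip_network("10.0.0.0/8"),)


def normalize_path(path):
    """Strip a dot-suffix from the last path segment so that /admin.json is
    compared against the /admin rule, mirroring what Spring's
    useSuffixPatternMatch=true does on the server side."""
    last_segment = path.rsplit("/", 1)[-1]
    if "." in last_segment:
        return path[: path.rfind(".")]
    return path


def is_protected(path):
    return normalize_path(path).startswith(PROTECTED_PREFIXES)


def spoofed_forwarding(client, xff):
    """True when a request from outside the trusted proxy range carries a
    forwarding header claiming a loopback or private address."""
    if not xff:
        return False
    source = ipaddress.ip_address(client)
    if any(source in net for net in TRUSTED_PROXIES):
        return False
    try:
        claimed = ipaddress.ip_address(xff.split(",")[0].strip())
    except ValueError:
        # An unparsable forwarding value from an untrusted source is itself a signal.
        return True
    return claimed.is_loopback or claimed.is_private


def analyze(log_text):
    """Return a list of (finding, client, path) tuples for protected routes."""
    findings = []
    history = defaultdict(list)  # (client, normalized path) -> statuses seen so far
    for line in log_text.strip().splitlines():
        rec = json.loads(line)
        raw_path = rec["path"]
        if not is_protected(raw_path):
            continue
        norm_path = normalize_path(raw_path)
        if spoofed_forwarding(rec["client"], rec.get("xff")):
            findings.append(("spoofed-forwarding-header", rec["client"], raw_path))
        if rec["proto"] in ("HTTP/1.0", "HTTP/0.9"):
            findings.append(("http-version-downgrade", rec["client"], raw_path))
        if norm_path != raw_path:
            findings.append(("suffix-variant", rec["client"], raw_path))
        prior = history[(rec["client"], norm_path)]
        # The strongest signal: this client was denied on the same route
        # earlier and is now being served a 200.
        if rec["status"] == 200 and any(s in (401, 403) for s in prior):
            findings.append(("denied-then-allowed", rec["client"], raw_path))
        prior.append(rec["status"])
    return findings


if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG):
        print(finding)
```

The individual flags are triage signals rather than proof of a bypass; the denied-then-allowed transition on the same normalized route is the one worth paging on, and the fix for the suffix case is to turn off suffix pattern matching on the affected Spring versions rather than to chase each variant in the log.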