401 and 403 Bypass Cheat Sheet for Penetration Testers

If you can’t beat them…

Manual Techniques for 401 and 403 Bypass Change HTTP Method:
  • Experiment with different HTTP methods (GET, POST, PUT, DELETE) to bypass restrictions.
  • Alter URL Encoding: Manipulate URL encoding using double URL encoding, Unicode encoding, or mixed encoding to bypass access control.
  • Directory Traversal: Use “../” or “./” in the URL path to access restricted files and bypass directory restrictions.
  • Add Trailing Slash: Append a trailing slash (“/”) at the end of the URL path to bypass access control.
  • Case Manipulation: Modify the case of letters in the URL to bypass case-sensitive restrictions. HTTP
  • Headers Manipulation: Tweak headers like X-Forwarded-For, X-Originating-IP, or Referer to bypass IP or referrer restrictions.
  • URL Fragment: Attach a URL fragment (e.g., “#randomtext”) to bypass access control.

Automated Tools for 401 and 403 Bypass Bulk 403 Bypass:

  • A Python script to automate testing for common 403 bypass techniques. Access the tool at https://github.com/aardwolfsecurityltd/bulk_403_bypass.
  • byp4xx: A script that helps bypass 401 and 403 errors using various techniques. Find the tool at https://github.com/lobuhi/byp4xx.
  • bypass-403: A Python-based tool designed to bypass 403 Forbidden errors. Access the tool at https://github.com/iamj0ker/bypass-403.
  • ForbiddenPass: A tool focused on bypassing 403 Forbidden responses by testing different methods. Download the tool at https://github.com/gotr00t0day/forbiddenpass.
  • Burp Suite Extensions: Enhance Burp Suite with extensions, such as Autorize, to help bypass 401 and 403 errors. Access the extension at https://portswigger.net/bappstore/444407b96d9c4de0adb7aed89e826122.

Additional Resources for 401 and 403 Bypass OWASP:

  •  The Open Web Application Security Project (OWASP) provides a wealth of information on web application security, including guidance on bypassing access controls. Visit https://www.owasp.org for more information.
  • HackTricks: An excellent resource for penetration testing techniques, including bypassing 401 and 403 errors. Access the guide at https://book.hacktricks.xyz/network-services-pentesting/pentesting-web/403-and-401-bypasses.

Remember to always obtain proper authorization before conducting any penetration tests. This cheat sheet is intended for educational purposes and to enhance the security of web applications.

Source: 401 and 403 Bypass Cheat Sheet for Penetration Testers

Leave a Reply

You can use these HTML tags

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>