{"id":369,"date":"2023-04-28T21:37:34","date_gmt":"2023-04-28T16:37:34","guid":{"rendered":"https:\/\/brainlessideas.com\/?p=369"},"modified":"2023-04-28T21:52:18","modified_gmt":"2023-04-28T16:52:18","slug":"401-and-403-bypass-cheat-sheet-for-penetration-testers","status":"publish","type":"post","link":"https:\/\/brainlessideas.com\/index.php\/2023\/04\/28\/401-and-403-bypass-cheat-sheet-for-penetration-testers\/","title":{"rendered":"401 and 403 Bypass Cheat Sheet for Penetration Testers"},"content":{"rendered":"<p>If you can&#8217;t beat them&#8230;<\/p>\n<div>Manual Techniques for 401 and 403 Bypass<\/div>\n<ul>\n<li>Change HTTP Method: Experiment with different HTTP methods (GET, POST, PUT, DELETE) to bypass restrictions.<\/li>\n<li>Alter URL Encoding: Manipulate URL encoding using double URL encoding, Unicode encoding, or mixed encoding to bypass access control.<\/li>\n<li>Directory Traversal: Use \u201c..\/\u201d or \u201c.\/\u201d in the URL path to access restricted files and bypass directory restrictions.<\/li>\n<li>Add Trailing Slash: Append a trailing slash (\u201c\/\u201d) at the end of the URL path to bypass access control.<\/li>\n<li>Case Manipulation: Modify the case of letters in the URL to bypass case-sensitive restrictions.<\/li>\n<li>HTTP Headers Manipulation: Tweak headers like X-Forwarded-For, X-Originating-IP, or Referer to bypass IP or referrer restrictions.<\/li>\n<li>URL Fragment: Attach a URL fragment (e.g., \u201c#randomtext\u201d) to bypass access control.<\/li>\n<\/ul>\n<p>Automated Tools for 401 and 403 Bypass<\/p>\n<ul>\n<li>Bulk 403 Bypass: A Python script to automate testing for common 403 bypass techniques. Access the tool at https:\/\/github.com\/aardwolfsecurityltd\/bulk_403_bypass.<\/li>\n<li>byp4xx: A script that helps bypass 401 and 403 errors using various techniques. Find the tool at https:\/\/github.com\/lobuhi\/byp4xx.<\/li>\n<li>bypass-403: A Python-based tool designed to bypass 403 Forbidden errors. Access the tool at https:\/\/github.com\/iamj0ker\/bypass-403.<\/li>\n<li>ForbiddenPass: A tool focused on bypassing 403 Forbidden responses by testing different methods. Download the tool at https:\/\/github.com\/gotr00t0day\/forbiddenpass.<\/li>\n<li>Burp Suite Extensions: Enhance Burp Suite with extensions, such as Autorize, to help bypass 401 and 403 errors. Access the extension at https:\/\/portswigger.net\/bappstore\/444407b96d9c4de0adb7aed89e826122.<\/li>\n<\/ul>\n<p>Additional Resources for 401 and 403 Bypass<\/p>\n<ul>\n<li>OWASP: The Open Web Application Security Project (OWASP) provides a wealth of information on web application security, including guidance on bypassing access controls. Visit https:\/\/www.owasp.org for more information.<\/li>\n<li>HackTricks: An excellent resource for penetration testing techniques, including bypassing 401 and 403 errors. Access the guide at https:\/\/book.hacktricks.xyz\/network-services-pentesting\/pentesting-web\/403-and-401-bypasses.<\/li>\n<\/ul>\n<p>Remember to always obtain proper authorization before conducting any penetration tests. This cheat sheet is intended for educational purposes and to enhance the security of web applications.<\/p>\n<p>Source: <em><a href=\"https:\/\/latesthackingnews.com\/2023\/04\/28\/401-and-403-bypass-cheat-sheet-for-penetration-testers\/\">401 and 403 Bypass Cheat Sheet for Penetration Testers<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>If you can&#8217;t beat them&#8230;<\/p>\n<p>Manual Techniques for 401 and 403 Bypass. Change HTTP Method: Experiment with different HTTP methods (GET, POST, PUT, DELETE) to bypass restrictions. Alter URL Encoding: Manipulate URL encoding using double URL encoding, Unicode encoding, or mixed encoding to bypass access control. 
Directory Traversal: Use \u201c..\/\u201d or \u201c.\/\u201d in the URL [&#8230;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"footnotes":""},"categories":[6,2],"tags":[],"class_list":["post-369","post","type-post","status-publish","format-standard","hentry","category-internet","category-it","odd"],"_links":{"self":[{"href":"https:\/\/brainlessideas.com\/index.php\/wp-json\/wp\/v2\/posts\/369","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/brainlessideas.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/brainlessideas.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/brainlessideas.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/brainlessideas.com\/index.php\/wp-json\/wp\/v2\/comments?post=369"}],"version-history":[{"count":3,"href":"https:\/\/brainlessideas.com\/index.php\/wp-json\/wp\/v2\/posts\/369\/revisions"}],"predecessor-version":[{"id":373,"href":"https:\/\/brainlessideas.com\/index.php\/wp-json\/wp\/v2\/posts\/369\/revisions\/373"}],"wp:attachment":[{"href":"https:\/\/brainlessideas.com\/index.php\/wp-json\/wp\/v2\/media?parent=369"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/brainlessideas.com\/index.php\/wp-json\/wp\/v2\/categories?post=369"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/brainlessideas.com\/index.php\/wp-json\/wp\/v2\/tags?post=369"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}