403bypasser
Türkçe
403bypasser, erişimine herhangi bir sebeple izin verilmeyen ve HTTP 403 durum kodunu döndüren sayfalara erişmek için çeşitli bypass tekniklerini otomatize eden bir araçtır. URL ve erişilmek istenen dizin parametreleri tek olarak ya da liste olarak verilebilir. Bu araç geliştirilmeye devam edecektir, katkılara açıktır.
English
403bypasser is a tool that automatize the techniques to bypass access control of the pages which return HTTP 403 status code that means accessing the page or resource you were trying to reach is absolutely forbidden for some reason. This tool takes two parameters(single or list): a URL and a directory. 403bypasser will continue to be improved and it is open to contributions.
Arguments: -u <single_url> -U <path_of_URL_list> -d <single_directory> -D <path_of_directory_list>
Kullanım / Usage
./bypass_403.sh -u <single_URL> -d <single_dir>./bypass_403.sh -U <path_of_URL_list> -D <path_of_dir_list>./bypass_403.sh -u <single_URL> -D <path_of_dir_list>./bypass_403.sh -U <path_of_URL_list> -d <single_dir>
Örnekler / Examples
./bypass_403.sh -u https://example.com -d example./bypass_403.sh -U some/path/urls.txt -D some/path/dirs.txt
Which Cases Does This Tool Check?
- Testing
https://url.com/path - Testing
https://url.com/%2e/path - Testing
https://url.com/path/. - Testing
https://url.com//path// - Testing
https://url.com/./path/./ - Testing
https://url.com/path/ - Testing
https://url.com/path..;/ - Testing
https://url.com/pathwith header poisoningX-Custom-IP-Authorization: 127.0.0.1 - Testing
https://url.com/anythingwith header poisoningX-Original-URL: /directory - Testing
https://url.comwith header poisoningX-Rewrite-URL: /directory
Added Features in v1.1: It's now possible to pass files (lists) to 403bypasser as input via arguments. Furthermore, two more test cases added:
poisoning with 1)X-Original-URL and 2)X-Rewrite-URL headers.