hacktricks/network-services-pentesting/pentesting-web/403-and-401-bypasses.md

# 403 & 401 Bypasses

{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Support HackTricks</summary>

* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.

</details>
{% endhint %}

<figure><img src="../../.gitbook/assets/image (14) (1).png" alt=""><figcaption></figcaption></figure>

**Odmah dostupna postavka za procenu ranjivosti i penetraciono testiranje**. Izvršite potpuni pentest sa bilo kog mesta sa 20+ alata i funkcija koje idu od rekognicije do izveštavanja. Ne zamenjujemo pentestere - razvijamo prilagođene alate, module za detekciju i eksploataciju kako bismo im vratili malo vremena da dublje istraže, otvore shell-ove i zabave se.

{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}

## HTTP Verbs/Methods Fuzzing

Pokušajte koristiti **različite glagole** za pristup datoteci: `GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE, PATCH, INVENTED, HACK`

* Proverite zaglavlja odgovora, možda se može dobiti neka informacija. Na primer, **200 odgovor** na **HEAD** sa `Content-Length: 55` znači da **HEAD glagol može pristupiti informacijama**. Ali još uvek morate pronaći način da exfiltrirate te informacije.
* Korišćenje HTTP zaglavlja kao što je `X-HTTP-Method-Override: PUT` može prepisati korišćeni glagol.
* Koristite **`TRACE`** glagol i ako imate sreće možda u odgovoru možete videti i **zaglavlja koja su dodali međuproksiji** koja bi mogla biti korisna.

## HTTP Headers Fuzzing

* **Promenite Host zaglavlje** na neku proizvoljnu vrednost ([to je ovde uspelo](https://medium.com/@sechunter/exploiting-admin-panel-like-a-boss-fc2dd2499d31))
* Pokušajte [**koristiti druge User Agents**](https://github.com/danielmiessler/SecLists/blob/master/Fuzzing/User-Agents/UserAgents.fuzz.txt) za pristup resursu.
*   **Fuzz HTTP zaglavlja**: Pokušajte koristiti HTTP Proxy **zaglavlja**, HTTP autentifikaciju Basic i NTLM brute-force (samo sa nekoliko kombinacija) i druge tehnike. Da bih sve ovo uradio, napravio sam alat [**fuzzhttpbypass**](https://github.com/carlospolop/fuzzhttpbypass).

* `X-Originating-IP: 127.0.0.1`
* `X-Forwarded-For: 127.0.0.1`
* `X-Forwarded: 127.0.0.1`
* `Forwarded-For: 127.0.0.1`
* `X-Remote-IP: 127.0.0.1`
* `X-Remote-Addr: 127.0.0.1`
* `X-ProxyUser-Ip: 127.0.0.1`
* `X-Original-URL: 127.0.0.1`
* `Client-IP: 127.0.0.1`
* `True-Client-IP: 127.0.0.1`
* `Cluster-Client-IP: 127.0.0.1`
* `X-ProxyUser-Ip: 127.0.0.1`
* `Host: localhost`

Ako je **putanja zaštićena** možete pokušati da zaobiđete zaštitu putanje koristeći ova druga zaglavlja:

* `X-Original-URL: /admin/console`
* `X-Rewrite-URL: /admin/console`
* Ako je stranica **iza proksija**, možda je proksi taj koji vam sprečava da pristupite privatnim informacijama. Pokušajte da zloupotrebite [**HTTP Request Smuggling**](../../pentesting-web/http-request-smuggling/) **ili** [**hop-by-hop zaglavlja**](../../pentesting-web/abusing-hop-by-hop-headers.md)**.**
* Fuzz [**posebna HTTP zaglavlja**](special-http-headers.md) tražeći različite odgovore.
* **Fuzz posebna HTTP zaglavlja** dok fuzzujete **HTTP metode**.
* **Uklonite Host zaglavlje** i možda ćete moći da zaobiđete zaštitu.

## Path **Fuzzing**

Ako je _/path_ blokiran:

* Pokušajte koristiti _**/**_**%2e/path \_(ako je pristup blokiran od strane proksija, ovo bi moglo zaobići zaštitu). Pokušajte takođe**\_\*\* /%252e\*\*/path (dupla URL enkodiranje)
* Pokušajte **Unicode zaobilaženje**: _/**%ef%bc%8f**path_ (URL enkodirani karakteri su poput "/") tako da kada se ponovo enkodira biće _//path_ i možda ste već zaobišli proveru imena _/path_
* **Druga zaobilaženja putanje**:
* site.com/secret –> HTTP 403 Forbidden
* site.com/SECRET –> HTTP 200 OK
* site.com/secret/ –> HTTP 200 OK
* site.com/secret/. –> HTTP 200 OK
* site.com//secret// –> HTTP 200 OK
* site.com/./secret/.. –> HTTP 200 OK
* site.com/;/secret –> HTTP 200 OK
* site.com/.;/secret –> HTTP 200 OK
* site.com//;//secret –> HTTP 200 OK
* site.com/secret.json –> HTTP 200 OK (ruby)
* Koristite svih [**ovih listu**](https://github.com/danielmiessler/SecLists/blob/master/Fuzzing/Unicode.txt) u sledećim situacijama:
* /FUZZsecret
* /FUZZ/secret
* /secretFUZZ
* **Druga API zaobilaženja:**
* /v3/users\_data/1234 --> 403 Forbidden
* /v1/users\_data/1234 --> 200 OK
* {“id”:111} --> 401 Unauthorized
* {“id”:\[111]} --> 200 OK
* {“id”:111} --> 401 Unauthorized
* {“id”:{“id”:111\}} --> 200 OK
* {"user\_id":"\<legit\_id>","user\_id":"\<victims\_id>"} (JSON Parameter Pollution)
* user\_id=ATTACKER\_ID\&user\_id=VICTIM\_ID (Parameter Pollution)

## **Manipulacija parametrom**

* Promenite **vrednost parametra**: Od **`id=123` --> `id=124`**
* Dodajte dodatne parametre u URL: `?`**`id=124` —-> `id=124&isAdmin=true`**
* Uklonite parametre
* Promenite redosled parametara
* Koristite posebne karaktere.
* Izvršite testiranje granica u parametrima — pružite vrednosti poput _-234_ ili _0_ ili _99999999_ (samo neki primeri).

## **Verzija protokola**

Ako koristite HTTP/1.1 **pokušajte koristiti 1.0** ili čak testirajte da li **podržava 2.0**.

## **Druga zaobilaženja**

* Dobijte **IP** ili **CNAME** domena i pokušajte **kontaktirati ga direktno**.
* Pokušajte da **opterećujete server** slanjem uobičajenih GET zahteva ([To je uspelo ovom tipu sa Facebook-om](https://medium.com/@amineaboud/story-of-a-weird-vulnerability-i-found-on-facebook-fc0875eb5125)).
* **Promenite protokol**: sa http na https, ili za https na http
* Idite na [**https://archive.org/web/**](https://archive.org/web/) i proverite da li je u prošlosti ta datoteka bila **globalno dostupna**.

## **Brute Force**

* **Pogodite lozinku**: Testirajte sledeće uobičajene akreditive. Da li znate nešto o žrtvi? Ili ime CTF izazova?
* [**Brute force**](../../generic-methodologies-and-resources/brute-force.md#http-brute)**:** Pokušajte osnovnu, digest i NTLM autentifikaciju.

{% code title="Common creds" %}
```
admin    admin
admin    password
admin    1234
admin    admin1234
admin    123456
root     toor
test     test
guest    guest
```
{% endcode %}

## Automatski alati

* [https://github.com/lobuhi/byp4xx](https://github.com/lobuhi/byp4xx)
* [https://github.com/iamj0ker/bypass-403](https://github.com/iamj0ker/bypass-403)
* [https://github.com/gotr00t0day/forbiddenpass](https://github.com/gotr00t0day/forbiddenpass)
* [Burp Extension - 403 Bypasser](https://portswigger.net/bappstore/444407b96d9c4de0adb7aed89e826122)
* [Forbidden Buster](https://github.com/Sn1r/Forbidden-Buster)
* [NoMoreForbidden](https://github.com/akinerk/NoMoreForbidden)

<figure><img src="../../.gitbook/assets/image (14) (1).png" alt=""><figcaption></figcaption></figure>

**Odmah dostupna postavka za procenu ranjivosti i pentesting**. Pokrenite potpuni pentest sa bilo kog mesta sa 20+ alata i funkcija koje idu od recon do izveštavanja. Ne zamenjujemo pentestere - razvijamo prilagođene alate, module za detekciju i eksploataciju kako bismo im vratili malo vremena da dublje istraže, otvore shell-ove i zabave se.

{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}

{% hint style="success" %}
Učite i vežbajte AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Učite i vežbajte GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)

<details>

<summary>Podržite HackTricks</summary>

* Proverite [**planove pretplate**](https://github.com/sponsors/carlospolop)!
* **Pridružite se** 💬 [**Discord grupi**](https://discord.gg/hRep4RUj7f) ili [**telegram grupi**](https://t.me/peass) ili **pratite** nas na **Twitteru** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
* **Podelite hakerske trikove slanjem PR-ova na** [**HackTricks**](https://github.com/carlospolop/hacktricks) i [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repozitorijume.

</details>
{% endhint %}
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								# 403 & 401 Bypasses
-												Ad hacktricks sponsoring

											
										
										
											2022-04-28 16:01:33 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								{% hint style="success" %}
 								Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
 								Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
-												Ad hacktricks sponsoring

											
										
										
											2022-04-28 16:01:33 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								<details>
-												Ad hacktricks sponsoring

											
										
										
											2022-04-28 16:01:33 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								<summary>Support HackTricks</summary>
-												arte

											
										
										
											2024-01-02 18:28:27 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								* Check the [**subscription plans**](https://github.com/sponsors/carlospolop)!
 								* **Join the** 💬 [**Discord group**](https://discord.gg/hRep4RUj7f) or the [**telegram group**](https://t.me/peass) or **follow** us on **Twitter** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
 								* **Share hacking tricks by submitting PRs to the** [**HackTricks**](https://github.com/carlospolop/hacktricks) and [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repos.
-												Ad hacktricks sponsoring

											
										
										
											2022-04-28 16:01:33 +00:00
 								</details>
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								{% endhint %}
-												Ad hacktricks sponsoring

											
										
										
											2022-04-28 16:01:33 +00:00
-												Translated ['README.md', 'binary-exploitation/rop-return-oriented-progra

											
										
										
											2024-05-08 16:34:17 +00:00
+								<figure><img src="../../.gitbook/assets/image (14) (1).png" alt=""><figcaption></figcaption></figure>
-												GITBOOK-3884: change request with no subject merged in GitBook

											
										
										
											2023-04-30 21:54:03 +00:00
-												Translated ['README.md', 'network-services-pentesting/512-pentesting-rex

											
										
										
											2024-07-29 09:26:35 +00:00
+								**Odmah dostupna postavka za procenu ranjivosti i penetraciono testiranje**. Izvršite potpuni pentest sa bilo kog mesta sa 20+ alata i funkcija koje idu od rekognicije do izveštavanja. Ne zamenjujemo pentestere - razvijamo prilagođene alate, module za detekciju i eksploataciju kako bismo im vratili malo vremena da dublje istraže, otvore shell-ove i zabave se.
-												GITBOOK-3884: change request with no subject merged in GitBook

											
										
										
											2023-04-30 21:54:03 +00:00
-												Translated ['README.md', 'network-services-pentesting/512-pentesting-rex

											
										
										
											2024-07-29 09:26:35 +00:00
+								{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}
-												GITBOOK-3884: change request with no subject merged in GitBook

											
										
										
											2023-04-30 21:54:03 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								## HTTP Verbs/Methods Fuzzing
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								Pokušajte koristiti **različite glagole** za pristup datoteci: `GET, HEAD, POST, PUT, DELETE, CONNECT, OPTIONS, TRACE, PATCH, INVENTED, HACK`
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								* Proverite zaglavlja odgovora, možda se može dobiti neka informacija. Na primer, **200 odgovor** na **HEAD** sa `Content-Length: 55` znači da **HEAD glagol može pristupiti informacijama**. Ali još uvek morate pronaći način da exfiltrirate te informacije.
 								* Korišćenje HTTP zaglavlja kao što je `X-HTTP-Method-Override: PUT` može prepisati korišćeni glagol.
-												Translated ['README.md', 'network-services-pentesting/512-pentesting-rex

											
										
										
											2024-07-29 09:26:35 +00:00
+								* Koristite **`TRACE`** glagol i ako imate sreće možda u odgovoru možete videti i **zaglavlja koja su dodali međuproksiji** koja bi mogla biti korisna.
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								## HTTP Headers Fuzzing
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								* **Promenite Host zaglavlje** na neku proizvoljnu vrednost ([to je ovde uspelo](https://medium.com/@sechunter/exploiting-admin-panel-like-a-boss-fc2dd2499d31))
 								* Pokušajte [**koristiti druge User Agents**](https://github.com/danielmiessler/SecLists/blob/master/Fuzzing/User-Agents/UserAgents.fuzz.txt) za pristup resursu.
 								*   **Fuzz HTTP zaglavlja**: Pokušajte koristiti HTTP Proxy **zaglavlja**, HTTP autentifikaciju Basic i NTLM brute-force (samo sa nekoliko kombinacija) i druge tehnike. Da bih sve ovo uradio, napravio sam alat [**fuzzhttpbypass**](https://github.com/carlospolop/fuzzhttpbypass).
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
 								* `X-Originating-IP: 127.0.0.1`
 								* `X-Forwarded-For: 127.0.0.1`
 								* `X-Forwarded: 127.0.0.1`
 								* `Forwarded-For: 127.0.0.1`
 								* `X-Remote-IP: 127.0.0.1`
 								* `X-Remote-Addr: 127.0.0.1`
 								* `X-ProxyUser-Ip: 127.0.0.1`
 								* `X-Original-URL: 127.0.0.1`
 								* `Client-IP: 127.0.0.1`
 								* `True-Client-IP: 127.0.0.1`
 								* `Cluster-Client-IP: 127.0.0.1`
 								* `X-ProxyUser-Ip: 127.0.0.1`
 								* `Host: localhost`
-												Translated ['README.md', 'network-services-pentesting/512-pentesting-rex

											
										
										
											2024-07-29 09:26:35 +00:00
+								Ako je **putanja zaštićena** možete pokušati da zaobiđete zaštitu putanje koristeći ova druga zaglavlja:
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
 								* `X-Original-URL: /admin/console`
 								* `X-Rewrite-URL: /admin/console`
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								* Ako je stranica **iza proksija**, možda je proksi taj koji vam sprečava da pristupite privatnim informacijama. Pokušajte da zloupotrebite [**HTTP Request Smuggling**](../../pentesting-web/http-request-smuggling/) **ili** [**hop-by-hop zaglavlja**](../../pentesting-web/abusing-hop-by-hop-headers.md)**.**
-												Translated ['README.md', 'network-services-pentesting/512-pentesting-rex

											
										
										
											2024-07-29 09:26:35 +00:00
+								* Fuzz [**posebna HTTP zaglavlja**](special-http-headers.md) tražeći različite odgovore.
 								* **Fuzz posebna HTTP zaglavlja** dok fuzzujete **HTTP metode**.
-												Translated ['README.md', 'binary-exploitation/arbitrary-write-2-exec/aw2

											
										
										
											2024-05-05 22:40:09 +00:00
+								* **Uklonite Host zaglavlje** i možda ćete moći da zaobiđete zaštitu.
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								## Path **Fuzzing**
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								Ako je _/path_ blokiran:
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
-												Translated ['README.md', 'network-services-pentesting/512-pentesting-rex

											
										
										
											2024-07-29 09:26:35 +00:00
+								* Pokušajte koristiti _**/**_**%2e/path \_(ako je pristup blokiran od strane proksija, ovo bi moglo zaobići zaštitu). Pokušajte takođe**\_\*\* /%252e\*\*/path (dupla URL enkodiranje)
 								* Pokušajte **Unicode zaobilaženje**: _/**%ef%bc%8f**path_ (URL enkodirani karakteri su poput "/") tako da kada se ponovo enkodira biće _//path_ i možda ste već zaobišli proveru imena _/path_
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
+								* **Druga zaobilaženja putanje**:
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								* site.com/secret –> HTTP 403 Forbidden
 								* site.com/SECRET –> HTTP 200 OK
 								* site.com/secret/ –> HTTP 200 OK
 								* site.com/secret/. –> HTTP 200 OK
 								* site.com//secret// –> HTTP 200 OK
 								* site.com/./secret/.. –> HTTP 200 OK
 								* site.com/;/secret –> HTTP 200 OK
 								* site.com/.;/secret –> HTTP 200 OK
 								* site.com//;//secret –> HTTP 200 OK
 								* site.com/secret.json –> HTTP 200 OK (ruby)
-												Translated ['README.md', 'network-services-pentesting/512-pentesting-rex

											
										
										
											2024-07-29 09:26:35 +00:00
+								* Koristite svih [**ovih listu**](https://github.com/danielmiessler/SecLists/blob/master/Fuzzing/Unicode.txt) u sledećim situacijama:
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								* /FUZZsecret
 								* /FUZZ/secret
 								* /secretFUZZ
-												Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat

											
										
										
											2024-03-17 16:33:13 +00:00
+								* **Druga API zaobilaženja:**
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								* /v3/users\_data/1234 --> 403 Forbidden
 								* /v1/users\_data/1234 --> 200 OK
 								* {“id”:111} --> 401 Unauthorized
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
+								* {“id”:\[111]} --> 200 OK
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								* {“id”:111} --> 401 Unauthorized
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
+								* {“id”:{“id”:111\}} --> 200 OK
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								* {"user\_id":"\<legit\_id>","user\_id":"\<victims\_id>"} (JSON Parameter Pollution)
 								* user\_id=ATTACKER\_ID\&user\_id=VICTIM\_ID (Parameter Pollution)
-												Translated ['README.md', 'network-services-pentesting/512-pentesting-rex

											
										
										
											2024-07-29 09:26:35 +00:00
+								## **Manipulacija parametrom**
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
-												Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat

											
										
										
											2024-03-17 16:33:13 +00:00
+								* Promenite **vrednost parametra**: Od **`id=123` --> `id=124`**
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
+								* Dodajte dodatne parametre u URL: `?`**`id=124` —-> `id=124&isAdmin=true`**
 								* Uklonite parametre
-												Translated ['README.md', 'binary-exploitation/rop-return-oriented-progra

											
										
										
											2024-05-08 16:34:17 +00:00
+								* Promenite redosled parametara
-												Translated ['README.md', 'network-services-pentesting/512-pentesting-rex

											
										
										
											2024-07-29 09:26:35 +00:00
+								* Koristite posebne karaktere.
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								* Izvršite testiranje granica u parametrima — pružite vrednosti poput _-234_ ili _0_ ili _99999999_ (samo neki primeri).
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
 								## **Verzija protokola**
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								Ako koristite HTTP/1.1 **pokušajte koristiti 1.0** ili čak testirajte da li **podržava 2.0**.
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								## **Druga zaobilaženja**
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								* Dobijte **IP** ili **CNAME** domena i pokušajte **kontaktirati ga direktno**.
-												Translated ['README.md', 'network-services-pentesting/512-pentesting-rex

											
										
										
											2024-07-29 09:26:35 +00:00
+								* Pokušajte da **opterećujete server** slanjem uobičajenih GET zahteva ([To je uspelo ovom tipu sa Facebook-om](https://medium.com/@amineaboud/story-of-a-weird-vulnerability-i-found-on-facebook-fc0875eb5125)).
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								* **Promenite protokol**: sa http na https, ili za https na http
 								* Idite na [**https://archive.org/web/**](https://archive.org/web/) i proverite da li je u prošlosti ta datoteka bila **globalno dostupna**.
-												GitBook: [master] 5 pages modified
											
										
										
											2021-09-19 15:52:48 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								## **Brute Force**
-												GitBook: [master] 5 pages modified
											
										
										
											2021-09-19 15:52:48 +00:00
-												Translated ['README.md', 'network-services-pentesting/512-pentesting-rex

											
										
										
											2024-07-29 09:26:35 +00:00
+								* **Pogodite lozinku**: Testirajte sledeće uobičajene akreditive. Da li znate nešto o žrtvi? Ili ime CTF izazova?
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								* [**Brute force**](../../generic-methodologies-and-resources/brute-force.md#http-brute)**:** Pokušajte osnovnu, digest i NTLM autentifikaciju.
-												GitBook: [#3160] No subject

											
										
										
											2022-05-01 13:25:53 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								{% code title="Common creds" %}
-												GitBook: [#3160] No subject

											
										
										
											2022-05-01 13:25:53 +00:00
+								```
 								admin    admin
 								admin    password
 								admin    1234
 								admin    admin1234
 								admin    123456
 								root     toor
 								test     test
 								guest    guest
 								```
-												Translated ['README.md', 'backdoors/salseo.md', 'cryptography/certificat

											
										
										
											2024-03-29 21:14:05 +00:00
+								{% endcode %}
-												Translated to Serbian

											
										
										
											2024-02-10 13:11:20 +00:00
+								## Automatski alati
-												GitBook: [#3120] No subject

											
										
										
											2022-04-22 08:32:18 +00:00
 								* [https://github.com/lobuhi/byp4xx](https://github.com/lobuhi/byp4xx)
 								* [https://github.com/iamj0ker/bypass-403](https://github.com/iamj0ker/bypass-403)
 								* [https://github.com/gotr00t0day/forbiddenpass](https://github.com/gotr00t0day/forbiddenpass)
-												Translated ['README.md', 'network-services-pentesting/512-pentesting-rex

											
										
										
											2024-07-29 09:26:35 +00:00
+								* [Burp Extension - 403 Bypasser](https://portswigger.net/bappstore/444407b96d9c4de0adb7aed89e826122)
-												Update 403-and-401-bypasses.md
											
										
										
											2023-10-21 12:30:38 +00:00
+								* [Forbidden Buster](https://github.com/Sn1r/Forbidden-Buster)
-												Translated ['network-services-pentesting/pentesting-web/403-and-401-bypa

											
										
										
											2024-07-18 15:59:51 +00:00
+								* [NoMoreForbidden](https://github.com/akinerk/NoMoreForbidden)
-												Ad hacktricks sponsoring

											
										
										
											2022-04-28 16:01:33 +00:00
-												Translated ['README.md', 'binary-exploitation/rop-return-oriented-progra

											
										
										
											2024-05-08 16:34:17 +00:00
+								<figure><img src="../../.gitbook/assets/image (14) (1).png" alt=""><figcaption></figcaption></figure>
-												GITBOOK-3884: change request with no subject merged in GitBook

											
										
										
											2023-04-30 21:54:03 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								**Odmah dostupna postavka za procenu ranjivosti i pentesting**. Pokrenite potpuni pentest sa bilo kog mesta sa 20+ alata i funkcija koje idu od recon do izveštavanja. Ne zamenjujemo pentestere - razvijamo prilagođene alate, module za detekciju i eksploataciju kako bismo im vratili malo vremena da dublje istraže, otvore shell-ove i zabave se.
-												GITBOOK-3884: change request with no subject merged in GitBook

											
										
										
											2023-04-30 21:54:03 +00:00
-												Translated ['README.md', 'network-services-pentesting/512-pentesting-rex

											
										
										
											2024-07-29 09:26:35 +00:00
+								{% embed url="https://pentest-tools.com/?utm_term=jul2024&utm_medium=link&utm_source=hacktricks&utm_campaign=spons" %}
-												GITBOOK-3884: change request with no subject merged in GitBook

											
										
										
											2023-04-30 21:54:03 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								{% hint style="success" %}
 								Učite i vežbajte AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
 								Učite i vežbajte GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
-												Ad hacktricks sponsoring

											
										
										
											2022-04-28 16:01:33 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								<details>
-												Ad hacktricks sponsoring

											
										
										
											2022-04-28 16:01:33 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								<summary>Podržite HackTricks</summary>
-												arte

											
										
										
											2024-01-02 18:28:27 +00:00
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								* Proverite [**planove pretplate**](https://github.com/sponsors/carlospolop)!
 								* **Pridružite se** 💬 [**Discord grupi**](https://discord.gg/hRep4RUj7f) ili [**telegram grupi**](https://t.me/peass) ili **pratite** nas na **Twitteru** 🐦 [**@hacktricks\_live**](https://twitter.com/hacktricks\_live)**.**
 								* **Podelite hakerske trikove slanjem PR-ova na** [**HackTricks**](https://github.com/carlospolop/hacktricks) i [**HackTricks Cloud**](https://github.com/carlospolop/hacktricks-cloud) github repozitorijume.
-												Ad hacktricks sponsoring

											
										
										
											2022-04-28 16:01:33 +00:00
 								</details>
-												Translated ['macos-hardening/macos-security-and-privilege-escalation/mac

											
										
										
											2024-07-19 11:41:39 +00:00
+								{% endhint %}