OK, this tutorial is for ppl like me who use an alternative way of searching for things on internet, EXMPL: instead of typing: www.ubuntu.com/iso, I would go this way: " index of /ISO/Ubuntu " So this way i get into the website from the backdoor and have unrestricted search + i can download things that normally i would have to authenticate to get them.
But, sometimes the Website is restricted to only members and everytime u clic on something , gives you this error: ACCESS DENIED, ERROR 403.
Wel now i will show you how to bypass that error:
You come to a site, you find a directory, you see the contents of the directory. The only problem? The contents of that directory take you to a 403 authentication-based error.
Your scenario at a visual perspective :
www.Site.com/* * * * * * * * * * * * * * >> Accessible
www.Site.com/Directory* * * * * * * * >> Accessible
www.Site.com/Directory/file.exe* * *>> Restricted Access
I guess some of you know that you can bypass this through SSI includes, but that's only if there's a form somewhere in the site that will allow you to input data. If that was the case, you could just use a simple include such as
Code:
<!--#exec cmd="ls"-->
if the server is running linux, or
Code:
<!--#exec cmd="dir"-->
if the server is running windows.
(Of course, you'd need to tunnel through the directory to get the file, such as by using
Code:
<!--#exec cmd="ls /Directory/Files.exe"-->
)
BUT
What if there's no vulnerable form? What if there's nowhere to input SSI strings?
Basic URL tunneling is your friend here. Many of you are aware that the string "/../" means to move back a directory (and if you didn't, now you do).
Well, the "/./" string is simply translated as staying within the current directory. It's almost useless; why would you want to use a string to stay in the current directory... if you're already there?
Because, silly, most Authentication-based 403 errors are restricted to block access to the specific URL. It's not anticipating a request such as "/./", because that's just redundant - no one would use it.
Except for you, that is.
To bypass the 403 error in the most simplest of cases, the following format should be used :
www.Site.com/Directory/./File.exe
It's an unexpected request, but one which means the exact same thing. You're basically tricking the file manager, because the directory "/./" shouldn't be blocked. Therefore, the file that comes after that shouldn't be blocked, as well. Unless the file is actually given permissions through FTP, cPanel, etc.
I won't go into too much detail. Just know that, unless permissions are chmod-based, this method should be fine.
HAPPY HACKING
How To Bypass 403 Error
最新推荐文章于 2024-02-11 10:19:33 发布