Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/infosec-au/enumXFF
Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
https://github.com/infosec-au/enumXFF
Last synced: 3 months ago
JSON representation
Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
- Host: GitHub
- URL: https://github.com/infosec-au/enumXFF
- Owner: infosec-au
- Created: 2015-07-16T08:55:22.000Z (almost 9 years ago)
- Default Branch: master
- Last Pushed: 2022-03-29T23:40:31.000Z (about 2 years ago)
- Last Synced: 2024-01-20T18:16:57.072Z (5 months ago)
- Language: Python
- Size: 5.86 KB
- Stars: 213
- Watchers: 15
- Forks: 57
- Open Issues: 4
-
Metadata Files:
- Readme: README.md
Lists
- Awesome-WAF - enumXFF - Eumerating IPs in X-Forwarded-Headers to bypass 403 restrictions (Awesome Tools / Evasion:)
- Awesome-WAF - enumXFF - Eumerating IPs in X-Forwarded-Headers to bypass 403 restrictions (Awesome Tools / Evasion:)
README
All you need to do is run the tool from the terminal giving the following input:
- Page to attempt (`http/https://website.com/page`)
- The content length of the response that you get when you are denied
- The IP range you wish the tool to attempt through `X-Forwarded-For`The tool will then simply request the given page with a range of IP addresses and then determine whether or not access to the said page is still forbidden.
`python enumXFF.py -t http://sketchysite.com/admin -badcl 234 -r 192.168.0.0-192.168.255.255`
The above command will attempt to request `http://sketchysite.com/admin` with all IP addresses in the range `192.168.0.0-192.168.255.255`. The python script takes advantage of asynchronous HTTP requests via the `requests-futures` module and hence should be fairly quick. Note, this tool only functions on Python2.
In addition to this, the enumXFF project on Github also contains a script called `generateIPs.py`. This will simply generate a list of comma delimited IP addresses that can be input directly to Burp's Intruder. If the tool isn't the best way for you, Burp's Intruder is a reliable option to fall back on.
To generate the IPs for the range 192.168.0.0-192.168.255.255, you would need to use the following command:
`python3 generateIPs.py -r 192.168.0.0-192.168.255.255 -o burp_xff_ips.txt`
Refer to this blog post for further details: https://shubh.am/enumerating-ips-in-x-forwarded-headers-to-bypass-403-restrictions/