Bug Bounty Hunting 101: WAF Evasion


Hey hackers, the method discussed below is for educational purposes only. Please do not use this for any illegal activities.

While I was hunting on a program on Intigriti, I had to approach the target blindly through fuzzing. But they had a very strong WAF which blocked my IP from fuzzing directories quickly.

Here is what my screen looks like in a casual bug bounty hunt:

Back to the lecture at hand, I noticed that the WAF blocks my IP address after I send 1 request per second in 10 seconds. Hence, after you send 10 requests from the same IP in 10 seconds you will get banned, and your fuzzer will return a useless 429 status code.

Then, I came up with the idea of changing my IP address with TOR every 10 seconds automatically so I could avoid getting blocked.

TOR command line from scratch thanks to Hackersploit: https://www.youtube.com/watch?v=NN9fQwiomAU&t=10s

So, I used my basic bash skills to save the situation.

I wrote an infinite loop that starts Tor, waits 10 seconds, stops Tor, and starts Tor again…

My IP started to change every 10 seconds automatically.

Now that you can deceive the firewall, run your scans comfortably.
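Seen from the defender's side, the behaviour above shows why a limiter keyed only on source IP is not enough. The following is an added example, not code from the original post: it runs the 10-requests-in-10-seconds rule over constructed traffic twice, once keyed on IP and once keyed on a client fingerprint. The `fp` field is a hypothetical value the edge would derive per client, and all addresses and events are constructed.

```python
from collections import defaultdict, deque

WINDOW = 10.0   # seconds, the window observed in the post
LIMIT = 10      # requests per window, the threshold observed in the post


class SlidingWindowLimiter:
    """Counts requests per key over a sliding time window."""

    def __init__(self, key_field, limit=LIMIT, window=WINDOW):
        self.key_field = key_field
        self.limit = limit
        self.window = window
        self.seen = defaultdict(deque)   # key -> timestamps still in the window
        self.flagged = set()

    def observe(self, event):
        key = event[self.key_field]
        q = self.seen[key]
        q.append(event["ts"])
        # Drop timestamps that have fallen out of the window.
        while q and q[0] <= event["ts"] - self.window:
            q.popleft()
        if len(q) >= self.limit:
            self.flagged.add(key)


def constructed_traffic():
    """Constructed sample: one client sending 1 request/s for 60 s whose
    source IP changes every 9 requests, plus one ordinary visitor."""
    events = []
    for i in range(60):
        events.append({"ts": float(i), "ip": f"198.51.100.{i // 9 + 1}",
                       "fp": "fp-scanner"})
    for i in range(5):
        events.append({"ts": i * 12.0 + 0.5, "ip": "203.0.113.7",
                       "fp": "fp-browser"})
    return sorted(events, key=lambda e: e["ts"])


def analyse(events):
    by_ip = SlidingWindowLimiter("ip")
    by_fp = SlidingWindowLimiter("fp")   # "fp" is a hypothetical field
    for e in events:
        by_ip.observe(e)
        by_fp.observe(e)
    return by_ip.flagged, by_fp.flagged


if __name__ == "__main__":
    ip_hits, fp_hits = analyse(constructed_traffic())
    print("flagged by IP:", ip_hits)
    print("flagged by fingerprint:", fp_hits)
```

The per-IP limiter flags nothing on this traffic, while the same rule keyed on the fingerprint flags the rotating client and leaves the ordinary visitor alone.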

Happy hunting.
