Bypassing 403 leads to authentication token bypass and access to internal resources.

I think you can’t learn anything from my blog!

After completing recon on a website, I found a sensitive endpoint like https://api.example.com/cms/v1/proxy/query. By default, the request uses the GET method, and it also needs an authentication token to access the resources.

I started looking for a way to bypass the 403. Then I changed the method from GET to POST and saw that the response was 200 OK and the authentication token was no longer needed.

Bypassing 403 leads to sensitive data disclosure about back-end functionalities and objects. Bugcrowd considered it a P3 bug.

It’s really a low-hanging fruit.
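
One way the behaviour described above can arise, assumed here since the post does not show the server side, is an authorization rule scoped to a single HTTP method. The following is an added example, not code from the original post or the affected site: a constructed handler with that flaw beside a hardened one, and a regression check listing which verbs succeed without a token. Handler names, the token value and the allowed-method table are hypothetical.

```python
# Added example: constructed handlers, not the affected site's code.
METHODS = ("GET", "POST", "PUT", "PATCH", "DELETE", "HEAD", "OPTIONS")
VALID_TOKEN = "constructed-token"  # sample value for the demo
PATH = "/cms/v1/proxy/query"       # path taken from the post
ALLOWED = {PATH: {"GET"}}          # assumed: the route only needs GET


def backend(method, path):
    """Stand-in for the proxied internal resource (hypothetical)."""
    return 200, "internal data"


def vulnerable_handler(method, path, token=None):
    # Assumed flaw: the token check is attached to GET only, so any
    # other verb reaches the backend without authentication.
    if method == "GET" and token != VALID_TOKEN:
        return 403, "forbidden"
    return backend(method, path)


def hardened_handler(method, path, token=None):
    # Authenticate first, independent of the verb (default deny).
    if token != VALID_TOKEN:
        return 403, "forbidden"
    # Then reject verbs the route does not explicitly support.
    if method not in ALLOWED.get(path, set()):
        return 405, "method not allowed"
    return backend(method, path)


def unauthenticated_methods(handler, path):
    """Return the verbs that get a 2xx response with no token supplied."""
    exposed = []
    for method in METHODS:
        status, _body = handler(method, path)
        if 200 <= status < 300:
            exposed.append(method)
    return exposed


if __name__ == "__main__":
    print("vulnerable:", unauthenticated_methods(vulnerable_handler, PATH))
    print("hardened:  ", unauthenticated_methods(hardened_handler, PATH))
```

Run as a unit test against each protected route, the check fails the build whenever any verb answers 2xx without a token.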


Written by Shahariar Amin

Penetration Tester (Web Application), Bug Hunter, CSE student of RUET, Bangladesh.
