From 1cb1550a8d5af18cc1ac0b2b84795d51a6aaf455 Mon Sep 17 00:00:00 2001 From: dub-flow <89262088+dub-flow@users.noreply.github.com> Date: Thu, 16 May 2024 14:02:02 +0200 Subject: [PATCH] Added Spring Boot bypasses that still work --- README.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/README.md b/README.md index 9ec8c2f..06ada33 100644 --- a/README.md +++ b/README.md @@ -28,3 +28,8 @@ This repository contains different scenarios for bypassing 403s leverage path no ### Java (Spring Boot) +* Working bypass on `nginx@1.25.5`: We can access the `/admin` page by visiting `GET /admin;` (no fancy hex here, literally just a `;`) + +* Working bypasses on `nginx@1.20.2` + - `GET /admin;` also works here + - Moreover, `GET /admin\x09` (fancy hex character again!) works
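Review bot: The two bullets added under `### Java (Spring Boot)` give the nginx version (`nginx@1.25.5`, `nginx@1.20.2`) but not the Spring Boot version or the nginx rule protecting `/admin` that the requests were tested against. Without those a reader cannot reproduce the result or judge whether their own proxy and backend pairing is affected. Please state both next to each version, or point to the config that was used. In the last added line, `GET /admin\x09` should say whether the tab is sent as a raw 0x09 byte in the request line or in an encoded form, since "fancy hex character again!" leaves that open. Style: the `nginx@1.20.2` bullet lacks the trailing colon the first bullet has, and "`GET /admin;` also works here" only makes sense next to the bullet above it, so consider restating the request and result in full.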