CTF
/
path-normalization-bypasses
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
This repo contains labs for bypassing path normalization issues involving Nginx and e.g. Flask and Node.js
3 Commits 1 Branch 0 Tags 86 KiB
Dockerfile 58.5%
Java 15.2%
JavaScript 7.6%
Go 6.9%
Python 6.8%
Other 5%
Go to file
dub-flow 159c8ba296 Adjusted README 2024-05-15 15:55:55 +02:00
flask Added Nginx-Flask bypass example 2024-05-15 15:54:34 +02:00
README.md Adjusted README 2024-05-15 15:55:55 +02:00
nginx.conf Added Nginx-Flask bypass example 2024-05-15 15:54:34 +02:00

README.md

Path Normalization 403 Bypass Labs

This repository contains different scenarios for bypassing 403s leverage path normalization inconsistencies which stem from deny rules e.g. configured in Nginx. This work is inspired by https://rafa.hashnode.dev/exploiting-http-parsers-inconsistencies.

Setup (1 Command!)

  • You can run each of the scenarios by navigating into the folder and simply executing docker-compose up

Scenarios

Flask

  • Goal: Access /admin
  • Problem: Nginx has a rule to deny access to /admin and blocks you
  • Bypass: E.g. visit GET /admin\xa0 (note that you actually need to send the hex character, not the string \xa0)

Alt text