CTF/path-normalization-bypasses
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
4 Commits 1 Branch 0 Tags
bc0faa45b24e659d9c12de185317ab2c52a96283
T
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
dub-flow bc0faa45b2 Minor README change
2024-05-15 15:56:53 +02:00
flask
Added Nginx-Flask bypass example
2024-05-15 15:54:34 +02:00
nginx.conf
Added Nginx-Flask bypass example
2024-05-15 15:54:34 +02:00
README.md
Minor README change
2024-05-15 15:56:53 +02:00

README.md

Path Normalization 403 Bypass Labs

This repository contains different scenarios for bypassing 403s leverage path normalization inconsistencies which stem from deny rules e.g. configured in Nginx. This work is inspired by https://rafa.hashnode.dev/exploiting-http-parsers-inconsistencies.

Setup (1 Command!)

  • You can run each of the scenarios by navigating into the folder and simply executing docker-compose up

Scenarios

Flask

  • Goal: Access /admin
  • Problem: Nginx has a rule to deny access to /admin and blocks you
  • Bypass: E.g. visit GET /admin\xa0 (note that you actually need to send the hex character, not the string \xa0)

Image containing the Flask Bypass Request and Response

Reference in New Issue View Git Blame Copy Permalink
S
Description
This repo contains labs for bypassing path normalization issues involving Nginx and e.g. Flask and Node.js
Readme 86 KiB
Languages
Dockerfile 58.5%
Java 15.2%
JavaScript 7.6%
Go 6.9%
Python 6.8%
Other 5%