Programmerboy Pentesting Stuff

Broken Authentication

We can sometimes bypass Login Pages and Authentication Mechanisms using X-Forwarded-For Header

Below when i entered the credentials i got Invalid Credentials Error

Now i will add the X-Forwarded-For Header and it will bypass it

PreviousLocal and Remote File Inclusion NextServer Side Request Forgery (SSRF)

Last updated 1 year ago