Apache Header Tampering

Question

Can someone point me to the right track? On this one, I found the hidden directory, used an X-Forwarded-For: to see into that directory where scanning for files showed a lot of 404s, with just a few 403 response codes. I've tried everything I can think of with variations on X-Original-URL:, X-Rewrite-URL:, and X-Forwarded-Uri:, but none of them get me able to see into any of the files/directories. I've even tried a few variations instead of X-Forwarded-For:, such as X-Client-IP: and a few others. I feel like I must be missing something. I didn't find any actual .php files in the hidden directory but the question seems to indicate that there are some in there.&nbsp; I found what I think are other directories within that first hidden directory.&nbsp;

arthurdent · Accepted Answer

Finally solved it. The main fuzzing filelists in /usr/share/seclists/Discovery/Web-Content do not have a specific filename that is used to prevent web crawlers from entering directories. Once you identify that, everything else should be easy.&nbsp;

Forum Discussion

Apache Header Tampering

2 Replies

Featured Places

Help

Related Content

CVE-2022-33891 (Apache Spark) – Defensive Question 4

CVE-2022-33891 (Apache Spark) – Defensive Question 8

Re: Letter to Santa Entry access?

Re: Foundational Static Analysis: API Analysis step 10

Introduction to Metasploit: Ep.9 – Demonstrate Your Skills

Recent Discussions

Error in lab in SVMs Behavior Detection

Advanced CTF Challenge: Inner Maze

Malicious Document Analysis: Dropper Analysis

Healthcare Compliance

Microsoft Sentinel SOAR: Demonstrate Your Skills