Bypass Web IP Block with Headers

Md Talib
3 min read · Apr 24, 2023


Introduction

Welcome to my new article. Today I will show you how you can bypass an IP block that a website applies after too many requests. This is typical in brute-force attacks, because IP blocking is widely used to try to stop many web requests coming from the same public IP.

Once you see how this is done, you will see how easy it is to bypass, and you don't need any advanced prior knowledge.

It's important to highlight one thing: this bypass does not work on all websites, only on websites vulnerable to these headers (that is, sites whose rate limiting trusts the client IP claimed in a request header instead of the address of the actual connection). The only way to know whether a site is vulnerable is to try it.

With this short explanation done, I can start to show you how to perform the bypass.

Headers

Let's start. The idea is to add one of these headers to tell the server that you are coming from a different IP. If you need to make more than one request, you must change the value of the header on every new request.

You can use all these headers:

  • X-Forwarded-For
  • X-Originating-IP
  • X-Remote-IP
  • X-Remote-Addr

These are the most used, but you can search for more; among these options, the most used is the first one (X-Forwarded-For).
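To make clear what "vulnerable to these headers" means on the server side, here is an added example (not code from the article or its repository): a tiny rate limiter whose weak version keys on the IP claimed in the headers above, next to a hardened version that only honours X-Forwarded-For when the connection comes from its own reverse proxy. The proxy address, client addresses and the PIN-guess simulation are all constructed for the example.

```python
import ipaddress
from collections import defaultdict
# Constructed for this example: the only hosts allowed to set forwarding headers.
TRUSTED_PROXIES = {"10.0.0.5"}
SPOOFABLE = ("X-Forwarded-For", "X-Originating-IP", "X-Remote-IP", "X-Remote-Addr")

def _is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def naive_client_ip(remote_addr, headers):
    # Weak: keys the rate limit on whatever IP the request claims in a header.
    for name in SPOOFABLE:
        if name in headers:
            return headers[name].split(",")[0].strip()
    return remote_addr

def hardened_client_ip(remote_addr, headers):
    # Only honour X-Forwarded-For when the TCP peer is our own proxy, then take
    # the right-most hop that is not itself a trusted proxy (the proxy appended it).
    if remote_addr not in TRUSTED_PROXIES:
        return remote_addr
    hops = [h.strip() for h in headers.get("X-Forwarded-For", "").split(",")]
    for hop in reversed(hops):
        if hop and hop not in TRUSTED_PROXIES and _is_ip(hop):
            return hop
    return remote_addr

class RateLimiter:
    def __init__(self, limit, key_func):
        self.limit, self.key_func = limit, key_func
        self.hits = defaultdict(int)

    def handle(self, remote_addr, headers):
        key = self.key_func(remote_addr, headers)
        self.hits[key] += 1
        return 429 if self.hits[key] > self.limit else 200

def count_blocked(key_func, attempts=20, limit=5):
    # Simulate one peer sending `attempts` PIN guesses, rotating X-Forwarded-For
    # on each request as the article describes; return how many got HTTP 429.
    limiter = RateLimiter(limit, key_func)
    blocked = 0
    for i in range(attempts):
        headers = {"X-Forwarded-For": f"203.0.113.{i + 1}"}  # constructed, RFC 5737 range
        blocked += limiter.handle("198.51.100.7", headers) == 429
    return blocked
```

With the defaults, `count_blocked(naive_client_ip)` returns 0 (every rotated header looks like a new client) while `count_blocked(hardened_client_ip)` returns 15, because the limiter keys on the real connection address.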

To make this concrete, I will now show you a Proof-of-Concept from a HackTheBox machine.

POC ( Proof-Of-Concept )

I'm on the website of the Altered machine on HTB when I see this error while trying to brute-force a PIN in the admin panel:

The HTTP status code of the response is 429, which means "Too Many Requests". It's time to bypass this with the headers above.

When I add all the headers like this:

You can use just one of these; in this case I recommend the first. If you use more than one, you must put the same IP in all of them.

When I do this I can keep brute-forcing the panel:

Conclusions

This is the easiest way to bypass web IP restrictions. I recommend doing it with Python, which is very easy; this is the repository I use to brute-force web logins:

https://github.com/s3curitybyt3s/HTTP_POST-Login-BruteForce.git

Thank you … :)
