Bypassing 403 Protection To Get Pagespeed Admin Access

How to Bypass 403 restrictions?

There are many headers and paths which you can use to bypass 403 restrictions.

  1. Adding in URL Paths: Adding this in paths of the URL and the file which is forbidden
    /*
    /%2f/
    /./
    /
    /*/
  2. Adding Headers in request :By adding different headers in request with value 127.0.0.1 can also help in bypassing restrictions.

Steps I Did:

1)First I went to pagespeed admin panel location http://target.com/pagespeed_admin/ and found out it was 403-Forbidden.

Restricted Pagespeed Admin Panel
BBypassed Pagespeed Admin Panel

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Prajit Sindhkar

Prajit Sindhkar

1.5K Followers

I am a India Based Security Researcher, Bugcrowd Top 500 Hacker and Bug Bounty Leader of the BUGXS Community