RateLimitBypass.md

File metadata and controls

74 lines (59 loc) · 2.54 KB

Rate Limit Bypass Techniques

There are two common ways to do this:

  • Customizing HTTP Methods
  • Adding Headers to Spoof IP

1. Customizing HTTP Methods

  • If the request is sent with GET, try changing it to POST, PUT, etc.
  • If you want to bypass the rate limit on an API, try the HEAD method.

Rate Limit Bypass using Header

Add one of the following headers just below the Host header:

X-Forwarded-For: IP
X-Forwarded-IP: IP
X-Client-IP: IP
X-Remote-IP: IP
X-Originating-IP: IP
X-Host: IP
X-Client: IP

# or send a duplicated X-Forwarded-For header (one empty, one with the IP)
X-Forwarded-For:
X-Forwarded-For: IP

Adding HTTP Headers to Spoof IP and Evade Detection

  • These are the headers I've collected so far to bypass rate limits.
X-Forwarded: 127.0.0.1
X-Forwarded-By: 127.0.0.1
X-Forwarded-For: 127.0.0.1
X-Forwarded-For-Original: 127.0.0.1
X-Forwarder-For: 127.0.0.1
X-Forward-For: 127.0.0.1
Forwarded-For: 127.0.0.1
Forwarded-For-Ip: 127.0.0.1
X-Custom-IP-Authorization: 127.0.0.1
X-Originating-IP: 127.0.0.1
X-Remote-IP: 127.0.0.1
X-Remote-Addr: 127.0.0.1

Rate Limit Bypass using Special Characters

  • Adding a null byte ( %00 ) at the end of the email can sometimes bypass the rate limit.
  • Try adding a space character after the email (not encoded).
  • Some common characters that help bypass rate limits: %0d , %2e , %09 , %20 , %0, %00, %0d%0a, %0a, %0C
  • Adding a slash (/) at the end of the API endpoint can also bypass the rate limit: domain.com/v1/login -> domain.com/v1/login/

Using IP Rotate Burp Extension

  • Try changing the User-Agent, the cookies... anything that could be used to identify you.

  • If they limit to 10 tries per IP, change the IP inside the header every 10 tries, and change the other headers as well.

  • Burp Suite's IP Rotate extension works well in many cases. Make sure you have Jython installed along with it.

  • Here you'll find everything you need - https://github.com/PortSwigger/ip-rotate
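Every bypass on this page works because the limiter keys on something the client controls: the HTTP method, a spoofable X-* IP header, or an un-normalised email or path. The following is an added defensive example (not code from this repository) showing a login rate limiter whose key survives all of them. It assumes header names arrive lower-cased, request values are at most URL-encoded once, and the 10.0.0.0/8 network is a constructed stand-in for your own reverse proxies.

```python
import ipaddress
import time
from collections import defaultdict, deque
from urllib.parse import unquote
# Constructed assumption: only these networks host our own reverse proxies.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]

def client_ip(peer_addr: str, headers: dict) -> str:
    """Address to rate-limit on. X-Client-IP, X-Remote-IP, X-Originating-IP and
    friends are never read; X-Forwarded-For is used only when the TCP peer is a
    trusted proxy, and then only its right-most entry (the one that proxy
    appended), so a client-supplied value cannot change the key."""
    peer = ipaddress.ip_address(peer_addr)
    if not any(peer in net for net in TRUSTED_PROXIES):
        return str(peer)
    last = headers.get("x-forwarded-for", "").rsplit(",", 1)[-1].strip()
    try:
        return str(ipaddress.ip_address(last))
    except ValueError:  # empty or malformed header: fall back to the peer
        return str(peer)

def normalize_identity(value: str) -> str:
    """Map 'u@x.com', 'u@x.com%00', 'U@X.com ' and 'u@x.com\\r\\n' to one key:
    decode once, drop control and whitespace characters, then casefold."""
    decoded = unquote(value)
    return "".join(c for c in decoded if c.isprintable() and not c.isspace()).casefold()

def normalize_path(path: str) -> str:
    """Collapse /v1/login, /v1/login/ and /v1//login into the same route key."""
    return "/" + "/".join(p for p in path.split("/") if p)

class SlidingWindowLimiter:
    def __init__(self, limit: int, window_s: float, now=time.monotonic):
        self.limit, self.window, self.now = limit, window_s, now
        self.hits = defaultdict(deque)  # key -> hit timestamps in the window

    def allow(self, key) -> bool:
        t, q = self.now(), self.hits[key]
        while q and q[0] <= t - self.window:
            q.popleft()  # expire hits that fell out of the window
        if len(q) >= self.limit:
            return False
        q.append(t)
        return True

def check_login(lim, peer_addr, method, path, headers, email) -> bool:
    """True if the attempt may proceed; the HTTP method is deliberately left
    out of the key so GET, POST, PUT and HEAD all share one budget."""
    key = (normalize_path(path), client_ip(peer_addr, headers), normalize_identity(email))
    return lim.allow(key)
```

Logging the normalised key next to the raw method, path and headers also makes the bypass attempts themselves easy to spot: a burst of requests whose raw values differ but whose key is identical is the signature of someone probing the limiter.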

You can find some more here - Check this out
