X-Forwarded-For Header
X-Forwarded-For-
Some web applications make it possible to restrict access based on the visitor's IP address. This is particularly common for administrator interfaces, and it is a good idea to restrict such an interface to the IP addresses known to be used by the actual administrators. To implement this, the web application checks the REMOTE_ADDR value that the web server passes through to the application.
The X-Forwarded-For header is usually set by a proxy, but it can also be added by an attacker. By sending his own X-Forwarded-For header, the attacker can spoof his IP address. If the IP restriction is implemented incorrectly (the application trusts the header rather than REMOTE_ADDR), it can be bypassed by putting an allowed IP address in the header, even if the connection actually originated from a blocked IP address.
You can use the "Bypass WAF" Burp extension to automate this, with a session handling rule applied to the Proxy tool for all URLs.
Other Useful Headers-
X-Originating-IP: 127.0.0.1
X-Forwarded-For: 127.0.0.1
X-Remote-IP: 127.0.0.1
X-Remote-Addr: 127.0.0.1
X-Client-IP: 127.0.0.1
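As an added illustration (not code from the original post), here is the flawed lookup described above next to a hardened one in Python: the hardened version starts from REMOTE_ADDR and only reads X-Forwarded-For when the TCP peer is a known proxy, and it ignores the other headers listed above entirely. The allowlist range, the trusted proxy address and the request values are constructed for the example.

```python
import ipaddress

# Constructed for this example: the admin interface is only reachable from
# this range, and only this reverse proxy is allowed to add forwarding headers.
ADMIN_ALLOWLIST = [ipaddress.ip_network("203.0.113.0/24")]
TRUSTED_PROXIES = {ipaddress.ip_address("10.0.0.5")}


def client_ip_vulnerable(environ):
    """The flaw from the post: X-Forwarded-For is believed no matter who sent it."""
    xff = environ.get("HTTP_X_FORWARDED_FOR")
    if xff:
        return xff.split(",")[0].strip()   # leftmost entry is attacker-controlled
    return environ["REMOTE_ADDR"]


def client_ip_hardened(environ):
    """Start from REMOTE_ADDR (the real TCP peer) and only walk X-Forwarded-For
    when that peer is a trusted proxy. Entries are read right to left, because
    each proxy appends the address it saw; anything further left may have been
    supplied by the client. X-Originating-IP, X-Remote-IP, X-Remote-Addr and
    X-Client-IP are never consulted at all."""
    peer = ipaddress.ip_address(environ["REMOTE_ADDR"])
    if peer not in TRUSTED_PROXIES:
        return str(peer)                   # direct connection: headers are irrelevant
    hops = [h.strip() for h in environ.get("HTTP_X_FORWARDED_FOR", "").split(",")]
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            break                          # malformed entry: stop trusting the chain
        if addr not in TRUSTED_PROXIES:
            return str(addr)               # first hop that is not one of our proxies
    return str(peer)


def admin_allowed(ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in ADMIN_ALLOWLIST)


# Constructed request: a client at 198.51.100.7 (outside the allowlist) connecting
# directly to the application and sending a spoofed header, as described above.
SPOOFED = {"REMOTE_ADDR": "198.51.100.7",
           "HTTP_X_FORWARDED_FOR": "203.0.113.10"}

if __name__ == "__main__":
    print("vulnerable:", admin_allowed(client_ip_vulnerable(SPOOFED)))  # prints True
    print("hardened:  ", admin_allowed(client_ip_hardened(SPOOFED)))    # prints False
```

The same rule applies to every header in the list above: none of them is authoritative unless the web server or a proxy you control has set it, so the check should be on REMOTE_ADDR plus an explicit list of proxy addresses.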
Thanks.