HTTP - IP restriction bypass
Last updated
Last updated
Dear colleagues, We’re now managing connections to the intranet using private IP addresses, so it’s no longer necessary to login with a username / password when you are already connected to the internal company network. Regards, The network admin
Let's intercept this request in Burpsuite.
Next, we can send this request to the Repeater
.
It is a de-facto standard header for identifying the originating IP address of a client connecting to a web server through a proxy server.
We can add this header and set it's value to 192.168.0.1
as the origin should be connected to the internal company network.
For the final step we have to send this request to the server.