Nignx bypass techniques


#1

In a subdomain, I am getting the default page “Welcome to nginx on Debian!”. I am not sure about nginx version as it is not appearing in the header. Dirb is identifying three directories as content, script and image in that subdomain but all are getting 403 Forbidden by nginx. Is there any way I can make progress in this situation ?

Thanks in advance.


#2

403 Forbidden it’s not allowed for you but if directories like /etc/passwd for example you can do like …/…/…/…/…/…/etc/passwd or…/…/…/…/etc/passwd%00.jpg or encoded some time its work to bypass 403 or use proxy