Want to run this Docker container locally?

 docker run -d -p 3030:3030 --restart always --name ctf-403 joshbeck2024/403-bypass-ctf

You’ll want to intercept the request to the website with Burp Suite and send it to the repeater.

• Need a Burp Refresher: Click Here

Once in the repeater tab add the header:

X-Forwarded-For: 127.0.0.1

Note: This value can be fuzzed using a 403 bypass wordlist as well.

• Here is a writeup from a previous CTF that explains how to do this!