[HELP REQUEST] How to bypass rate limit (without proxies)

by 0x314 - 05 May, 2024 - 08:20 PM
0x314
#1
(This post was last modified: 05 May, 2024 - 10:31 PM by 0x314. Edited 1 time in total.)
Hi there, how can I bypass the rate limit on https://pcsupport.lenovo.com/us/en/products/
After a few thousand requests, naturally I get banned/rate limited. How can I bypass this WITHOUT proxies?

I'm coding in JavaScript using axios.get

Fixed with basic solution for now that'll hold up for a while

UberFuck
#2
If you're being rate limited and it's strictly IP based, I'm not sure if there's a way around it without throttling requests or introducing proxies. They likely have some kind of "smart" WAF though that factors in other things besides the source IP address. Generally speaking, if you *have* to use the same IP for a bunch of requests, try to make it seem more legitimate, and that the site is not under attack. Not knowing what you're trying to accomplish and types of requests, I would try to make it appear as though they're coming from a corporation where a large number of employees are hitting the website for some reason.

A few things you can try...
+ Introduce requests to other site pages between requests to the target URL - these are sometimes referred to as safe URLs.
+ Rotating user agents on requests to give the appearance that requests are coming from multiple machines / browsers.
+ Clear cookies after each request or batch of requests to get new session IDs.
+ Introduce a random short delay between requests (technically throttling, however it will make your requests appear more natural and less like a bot).
0x314
#3
(06 May, 2024 - 06:36 AM) UberFuck Wrote:
If you're being rate limited and it's strictly IP based, I'm not sure if there's a way around it without throttling requests or introducing proxies. They likely have some kind of "smart" WAF though that factors in other things besides the source IP address. Generally speaking, if you *have* to use the same IP for a bunch of requests, try to make it seem more legitimate, and that the site is not under attack. Not knowing what you're trying to accomplish and types of requests, I would try to make it appear as though they're coming from a corporation where a large number of employees are hitting the website for some reason.

A few things you can try...
+ Introduce requests to other site pages between requests to the target URL - these are sometimes referred to as safe URLs.
+ Rotating user agents on requests to give the appearance that requests are coming from multiple machines / browsers.
+ Clear cookies after each request or batch of requests to get new session IDs.
+ Introduce a random short delay between requests (technically throttling, however it will make your requests appear more natural and less like a bot).

Thank you very much for this!
I've looked around and found out they use edgesuite which captures loads of details (see http://m.edgesuite.net/ to see all that they collect). But yes, thanks I'll have a look and give some of these a shot.
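
Editor's added example (not part of the thread and not any vendor's logic): the posts above note that a WAF looks at more than the source IP, and this sketch shows from the defender's side why User-Agent rotation and cookie clearing from one address stand out, while an office NAT with many real users does not. The record fields (ip, ts, ua, sid), the thresholds and the sample traffic are assumptions constructed for illustration.

```javascript
// Added example. Record fields (ip, ts, ua, sid) are an assumed, simplified
// access-log schema; thresholds are illustrative, not tuned values.
function findRotatingClients(records, opts = {}) {
  const { windowMs = 60000, minRequests = 20, maxCookieless = 0.8 } = opts;
  const buckets = new Map(); // one bucket per (ip, time window)
  for (const r of records) {
    const key = `${r.ip}|${Math.floor(r.ts / windowMs)}`;
    if (!buckets.has(key)) {
      buckets.set(key, { ip: r.ip, count: 0, cookieless: 0, uas: new Set(), uaBySid: new Map() });
    }
    const b = buckets.get(key);
    b.count++;
    b.uas.add(r.ua);
    if (!r.sid) { b.cookieless++; continue; }
    if (!b.uaBySid.has(r.sid)) b.uaBySid.set(r.sid, new Set());
    b.uaBySid.get(r.sid).add(r.ua);
  }
  const findings = [];
  for (const b of buckets.values()) {
    if (b.count < minRequests) continue; // too little traffic to judge
    const reasons = [];
    // A browser keeps its cookie; a client that discards it arrives cookieless each time.
    if (b.cookieless / b.count >= maxCookieless) reasons.push("session_churn");
    // A real browser does not change User-Agent in the middle of a session.
    const mixed = [...b.uaBySid.values()].filter((s) => s.size > 1).length;
    if (mixed > 0) reasons.push("ua_change_within_session");
    if (reasons.length) findings.push({ ip: b.ip, requests: b.count, userAgents: b.uas.size, reasons });
  }
  return findings;
}

// Constructed sample traffic (documentation IP ranges), all inside one window.
function sampleRecords() {
  const recs = [];
  for (let i = 0; i < 40; i++) {
    // One client cycling 8 User-Agents and never returning a cookie.
    recs.push({ ip: "198.51.100.7", ts: i * 1000, ua: `UA-${i % 8}`, sid: null });
    // Office NAT: 8 users, each with a stable User-Agent and session.
    recs.push({ ip: "203.0.113.20", ts: i * 1000, ua: `UA-${i % 8}`, sid: `s${i % 8}` });
    // One session whose User-Agent keeps changing.
    if (i < 30) recs.push({ ip: "192.0.2.55", ts: i * 1000, ua: `UA-${i % 5}`, sid: "s-fixed" });
  }
  return recs;
}

console.log(findRotatingClients(sampleRecords()));
```

The NAT address carries the same request volume and the same number of User-Agents as the first client, and is not flagged because each session keeps one User-Agent and reuses its cookie.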
