Description
- LAST UPDATED DATE: 12 - 13 - 15
- LAST UPDATED BY: Mike Hodges
Summary
Directory traversal is an HTTP exploit which allows attackers to access restricted directories and/or execute commands outside of the web server's root directory.
Capabilities and Risk
- Access restricted files such as application source code with the permissions of the web server
Detection
- Identify user input that the application uses in order to retrieve files and attempt to access higher directories by inputting a ../ ex. ../../../../etc/passwd.
- You will often encounter input filters that discourage simple ../ so try different encodings and patterns such as url encoded or unicode encoded characters.
Remediation
- Properly sanitize user input that is used to access files on the server
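Added example (not part of the original issue text) showing one way to implement the remediation and detection points above: decode the user-supplied path fully before normalising it, then accept the file only if the resolved path still sits under the web root; the same decoding is reused to flag traversal attempts in request logs. The web root and the request strings are constructed for illustration.

```python
import posixpath
from typing import Optional
from urllib.parse import unquote

# Constructed web root for this example (hypothetical path, not from the issue).
WEB_ROOT = "/var/www/html"


def decode_fully(user_path: str, max_rounds: int = 3) -> str:
    """Percent-decode repeatedly so double-encoded sequences such as
    %252e%252e%252f collapse to ../ before any check is applied."""
    decoded = user_path
    for _ in range(max_rounds):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded


def resolve_under_root(root: str, user_path: str) -> Optional[str]:
    """Return the absolute path for user_path if it stays inside root, else None.

    The defence is the check on the final normalised path, not a blacklist of
    ../ spellings: whatever encoding the client used, the path is only served
    if it still resolves beneath root. Backslashes are folded to '/' and NUL
    bytes are rejected because both can confuse downstream file APIs."""
    decoded = decode_fully(user_path).replace("\\", "/")
    if "\x00" in decoded:
        return None
    candidate = posixpath.normpath(posixpath.join(root, decoded.lstrip("/")))
    if candidate == root or candidate.startswith(root.rstrip("/") + "/"):
        return candidate
    return None


def is_traversal_attempt(request_path: str) -> bool:
    """Detection helper for access logs: flag a request whose decoded path
    contains a parent-directory segment in any percent-encoded form."""
    decoded = decode_fully(request_path).replace("\\", "/")
    return any(seg == ".." for seg in decoded.split("/"))


if __name__ == "__main__":
    for p in ["images/logo.png", "../../../../etc/passwd", "..%2f..%2fetc%2fpasswd"]:
        print(p, "->", resolve_under_root(WEB_ROOT, p))
```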
References
- https://www.owasp.org/index.php/Path_Traversal
- http://projects.webappsec.org/w/page/13246952/Path%20Traversal
Exploitation
Input example source code here