File path traversal, simple case

https://portswigger.net/web-security/file-path-traversal/lab-simple

Level: Apprentice

  • In this lab we're going to perform the most basic directory path traversal.

  • Where do I look for this vulnerability? Look at parameters that fetch a file from an application route.

  • In the productId parameter we will not find anything. Why? That parameter is used to indicate the number of a blog post, for example as a record in a DB.

  • Looking through the HTML source code, we see that there is a parameter carrying a filename and pointing to an image.

  • We can make it point to the file we want, for example /etc/passwd, /var/log/apache2/apache2.log, etc.

  • As it is a directory path traversal, we prepend ../../../../../../ to move back up the file system.
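As an added example (not part of this write-up or the lab's own code), the vulnerable pattern described above beside a hardened version of the same file lookup, in Python. The image directory, the function names and the sample filenames are assumptions; the point is that the fix canonicalizes the requested path and verifies it still lies under the image directory, rather than trying to strip `../` sequences.

```python
import os
from pathlib import Path
from typing import Optional

# Assumed image directory of the application; not taken from the lab.
IMAGE_DIR = "/var/www/images"


def unsafe_image_path(base_dir: str, filename: str) -> str:
    """The vulnerable pattern: the user-supplied filename is joined onto the
    image directory without any check, so '../' walks out of it.
    Note the second trap: os.path.join discards base_dir entirely when the
    supplied filename is absolute."""
    return os.path.join(base_dir, filename)


def safe_image_path(base_dir: str, filename: str) -> Optional[str]:
    """Hardened lookup. Returns the canonical path of the requested file, or
    None when the request would escape base_dir (or is empty)."""
    if not filename:
        return None
    base = Path(base_dir).resolve()
    # resolve() normalizes '..' components and follows symlinks, so the
    # comparison below is done on the real location, not on the raw string.
    candidate = (base / filename).resolve()
    # The file must be strictly inside base: base itself is not a file.
    if base not in candidate.parents:
        return None
    return str(candidate)


def is_within_base(base_dir: str, filename: str) -> bool:
    """Convenience predicate: does this request stay inside the image dir?"""
    return safe_image_path(base_dir, filename) is not None


if __name__ == "__main__":
    # Constructed sample requests: one legitimate, two traversal attempts.
    for name in ("detailed_image.jpg", "../../../../etc/passwd", "/etc/passwd"):
        print(f"{name!r:32} unsafe -> {unsafe_image_path(IMAGE_DIR, name)}")
        print(f"{'':32} safe   -> {safe_image_path(IMAGE_DIR, name)}")
```

Running the block shows the unsafe join happily producing `/var/www/images/../../../../etc/passwd` (and plain `/etc/passwd` for the absolute form), while the hardened version returns `None` for both and only accepts the legitimate filename. A denied lookup is also a good event to log on the server side: a filename parameter containing `..` or a leading `/` is exactly the signal to alert on.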
