Exploring Directory traversal vulnerability

Introduction to Directory Traversal Vulnerabilities

Hello, guys! How are you all doing? Today, we are starting a series on Directory Traversal vulnerabilities, and in this series, we will write a total of 6 articles. I will provide links to the other articles in this series along with this one, which is our 1st article on Directory Traversal vulnerability (Exploring Directory Traversal Vulnerability). First, let’s learn about what this vulnerability is and its impact.

A Directory Traversal vulnerability is a flaw in a website that lets an attacker read files on the server that the application never meant to expose. These files can include application source code or sensitive system files. If the impact of the Directory Traversal vulnerability is high, an attacker can even execute arbitrary commands on the server and compromise the entire system.

Labs that we will cover in this series

File path traversal, simple case
File path traversal, traversal sequences blocked with absolute path bypass
File path traversal, traversal sequences stripped non-recursively
File path traversal, traversal sequences stripped with superfluous URL-decode
File path traversal, validation of start of path
File path traversal, validation of file extension with null byte bypass

File path traversal, simple case

Lab Description

First, we will solve the 1st lab on File path traversal, which is the simple case and can be easily solved. This lab contains a file path traversal vulnerability in the way product images are displayed. To solve this lab, you need to retrieve the /etc/passwd file.

Lab Solution

First, access the lab. After accessing it, enable your Burp Suite proxy. Add the lab’s URL to the target tab so that we can easily filter the traffic.

Now, click "View details" on any product. You will start seeing the traffic in Burp's HTTP history.

Filter the traffic by selecting “Show only in scope items” and mark the “image” option on the right side. This will show us the image URLs where the vulnerability exists.

You can see that we found an image request with a .jpg extension. We will send this request to Burp Repeater for further testing.

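You can see that I modified the filename parameter to filename=../../../etc/passwd. Each ../ sequence moves up one directory, so this payload goes three directories back from the image folder and fetches the /etc/passwd file, which the server returns in the response.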
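The server-side view of the same request, as an added example that is not part of the original article or the lab's code: a file lookup that joins the filename parameter to the image folder unchecked, next to a hardened lookup that canonicalises the path and rejects anything outside that folder. The function names and the constructed sandbox layout (var/www/images inside a temporary directory) are assumptions made for illustration.

```python
import os
import tempfile


def resolve_unsafe(base_dir, filename):
    # Vulnerable pattern: the parameter is joined to the image folder as-is.
    # normpath only shows where the OS would end up; nothing is checked.
    return os.path.normpath(os.path.join(base_dir, filename))


def resolve_safe(base_dir, filename):
    # Canonicalise both paths (resolves "..", "." and symlinks), then require
    # the target to stay inside the image folder. commonpath compares whole
    # path components, so a sibling such as "images2" does not pass.
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, filename))
    if os.path.commonpath([base, target]) != base:
        raise ValueError("path escapes image directory: %r" % filename)
    return target


def build_sandbox():
    # Constructed layout standing in for a server filesystem:
    #   <root>/var/www/images/1.jpg   and   <root>/etc/passwd
    root = os.path.realpath(tempfile.mkdtemp())
    images = os.path.join(root, "var", "www", "images")
    os.makedirs(images)
    os.makedirs(os.path.join(root, "etc"))
    with open(os.path.join(images, "1.jpg"), "wb") as fh:
        fh.write(b"constructed image bytes")
    with open(os.path.join(root, "etc", "passwd"), "w") as fh:
        fh.write("constructed:x:0:0::/:/bin/sh\n")
    return root, images


if __name__ == "__main__":
    root, images = build_sandbox()
    # "/etc/passwd" covers the absolute-path case: os.path.join discards the
    # base directory when the second argument is absolute.
    for name in ("1.jpg", "../../../etc/passwd", "/etc/passwd"):
        print("unsafe:", name, "->", resolve_unsafe(images, name))
        try:
            print("safe:  ", name, "->", resolve_safe(images, name))
        except ValueError as exc:
            print("safe:   rejected,", exc)
```
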

With this, we have successfully solved the PortSwigger Web Security Lab’s File path traversal simple case.

You can learn everything related to web security on our website. We upload the latest articles on web security topics on a daily basis, so stay with us.

The next topic to continue this series is OS Command Injection. You must complete the Directory traversal topic before starting the next topic in this series. Good luck!

FAQs

What is web security?

Website security refers to protecting a website or web application from cyberattacks, unauthorized access, or other security threats.

What is web application security?

Web application security means protecting a website from cyberattacks. These attacks may include vulnerabilities such as SQL injection, XSS, file inclusion, and others.

Which of the following is a good security practice for web browsing?

It is always good practice to use an up-to-date browser and install updates promptly. Keep your browser plugins up to date, avoid malicious websites and links, and always enable 2-factor authentication while avoiding clickjacking.

How to find someone’s social security number on the dark web

Searching for someone’s social security number or credit card information on the dark web is illegal and unethical. It is important to always avoid such activities and protect yourself and others from cyber threats.
