eJPT Junior Penetration Tester
ShopAuthorPatreonHTB Pro Labs
eJPT Junior Penetration Tester
eJPT Junior Penetration Tester
  • 🍕eJPT Study Notes
  • Author
  • eCPPTv2 Study Notes
  • INE eJPT Exam
    • Description
    • eJPT Certification
  • RFS Tips
    • Before the Exam
    • Prepare your Setup
    • Questions?
    • Start Hacking
  • Methodology
    • 1️⃣To Scan a Network
    • 2️⃣To Attack a Linux Machine
    • 3️⃣To Attack a Windows Machine
    • 4️⃣Pivoting Methodology
    • 5️⃣Linux Post Exploitation
    • 6️⃣Windows Post Exploitation
  • Community
    • LinkedIn
    • Discord
  • Networking
    • 🟢OSI Layers
    • 🟢Protocols
    • 🟢Subnetting
    • 🟢Routing
    • Pivoting
  • Network Protocols
    • 🟢FTP 21
    • 🟢SSH 22
    • ✅HTTP 80
    • 🟢NetBIOS 139
    • 🟠SMB 445
    • MySQL 3306
    • 🟢RDP 3389
  • Web Attacks
    • XSS
    • SQLi
    • Path Traversal
    • Command Injection
    • LFI - Local File Inclusion
    • LFI cheatsheet - HTB
  • Web CMS Attacks
    • Wordpress
    • Joomla
    • TomCat
  • Exploits
    • Search Exploits
    • Linux
    • Windows
  • Tools
    • dirb
    • 🟢Gobuster
    • Nmap
    • Netcat
    • Burpsuite
    • 🟢SQLMap
    • 🟢Metasploit
    • Hydra
    • 🟢John the Ripper
    • Hashcat
  • Web Tools
    • 😍RevShells
    • MD5 Crack
    • CyberChef
    • SecLists
  • TryHackMe Rooms
    • DogCat
    • Archangel
    • OWASP Juice Shop
  • Hack The Box Rooms
    • Page 2
  • Create Your Own Lab
    • Page 3
  • Other Resources
    • Page 1
  • TCM Security Courses
    • Page 4
Powered by GitBook
On this page
  • Path Traversal Attacks
  • Prevention
  • How Path Traversal Attacks Work

Was this helpful?

  1. Web Attacks

Path Traversal

Path Traversal Attacks

Path traversal attacks, also known as directory traversal attacks, occur when an attacker exploits vulnerabilities in a web application to access files and directories that are stored outside the web root folder.

By manipulating variables that reference files with ".." (dot-dot slash sequences), an attacker can read, modify, or delete sensitive files on the server, leading to unauthorized access or system compromise.

Prevention

  • Input Validation: Validate and sanitize all user inputs, rejecting suspicious patterns.

  • Use of Safelists: Employ safelists for file access and operations, restricting the files that can be accessed.

  • Least Privilege: Ensure the web server process runs with the minimal privileges necessary.

  • Updated Libraries: Keep all server software and libraries updated to mitigate known vulnerabilities.

How Path Traversal Attacks Work

At the core of a path traversal attack is the exploitation of the security mechanism that restricts web users to a certain directory—the web root directory. Attackers manipulate variables that reference filesystem paths, using sequences like ../ (dot-dot slash), aiming to break out of this designated directory.

For instance, if an application uses unvalidated external inputs to construct file paths, an attacker could craft a request that, instead of accessing intended files (e.g., webapp/resources/images/logo.png), accesses sensitive files elsewhere on the server (e.g., ../../etc/passwd).

This kind of attack leverages the fact that ../ is interpreted by the filesystem as a command to move up one directory.

Therefore, by repeatedly inserting ../ into file paths, attackers can traverse upward through the directory structure (a technique often called "dot-dot-slash attack") to reach critical system files or other confidential information, far beyond the intended confines of the web application.

PreviousSQLiNextCommand Injection

Last updated 1 year ago

Was this helpful?