Path Traversal (Directory Traversal Vulnerability)

Overview

Description

Directory Traversal Vulnerability is a vulnerability that allows a Web application to read files located outside of the Web Server Root Directory.

Attacker can access critical files on web server like,

/etc/passwd
/etc/shadow
/proc/version
/proc/mounts

C:\WINDOWS/system32/win.ini (In windows)

Example

Let's say, webpage has link to contact page as, <a href="index.php?page=contact.php">Contact</a>

It is loading contact.php there. so URL becomes, https://website.com/index.php?page=contact.php

If this web app is vulnerable to Directory Traversal Vulnerability, Attackers can use either absolute path.

https://website.com/index.php?page=/etc/passwd

or relative path (Sequence of ../ needs to try)

https://website.com/index.php?page=../../../../etc/passwd

To access any file on the server like.

Impact

Your system would get compromised.

Prevention

• Avoid reading files based on user input
• Validate user input using a strong filter before processing it.

Tools

• DotDotPwn: The Directory Traversal Fuzzer