May 2017
Intermediate to advanced
416 pages
21h 33m
English
When writing NSE scripts to exploit path traversal vulnerabilities, remember that IPS/IDS vendors will create patches to identify your detection probes. If possible, I recommend you use the stealthiest encoding scheme supported. In the previous example, no other encoding was read correctly in the application, and we had no choice but to use the well-known pattern "../" that is easily detected by any decent WAF/IPS/IDS.
I recommend the tool Dotdotpwn (http://dotdotpwn.blogspot.com/) and its module payload, to locate obscure encodings when exploiting path traversal vulnerabilities. Ideally, you could also write a small function that randomly uses a different path traversal pattern with each request:
local traversals = {"../", ...Read now
Unlock full access