Automated URL-based Directory Traversal
Occasionally, websites call files using unrestricted functions; this can allow the fabled Directory Traversal or
Direct Object Reference (DOR). In this attack, a user can call arbitrary files within the context of the website by using a vulnerable parameter. There are two ways this can be manipulated: firstly, by providing an absolute link such as /etc/passwd
, which states from the root
directory browse to the etc
directory and open the passwd
file, and secondly, relative links that travel up directories in order to reach the root
directory and travel to the intended file.
We will be creating a script that attempts to open a file that is always present on a Linux machine, the aforementioned /etc/passwd
Get Python: Penetration Testing for Developers now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.