Skip to Main Content
Web Penetration Testing with Kali Linux 2.0, Second Edition
book

Web Penetration Testing with Kali Linux 2.0, Second Edition

by Juned Ahmed Ansari
November 2015
Intermediate to advanced content levelIntermediate to advanced
312 pages
7h 18m
English
Packt Publishing
Content preview from Web Penetration Testing with Kali Linux 2.0, Second Edition

Path traversal

An application is said to be vulnerable to path traversal attack when the user is able to navigate out of the web root folder. Users should only be restricted to the web root directory and should not be able to access anything above the web root. A malicious user will look out for direct links to files out of the web root, the most attractive being the operating system root directory. By altering the variable that references a file with different variations, it may be possible to access files stored on the server and exploit the path traversal flaw.

The most basic path traversal attack is using the ../ sequence to modify the resource request through the URL. The expression ../ is used in operating systems to move up one directory. ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Web Penetration Testing with Kali Linux

Web Penetration Testing with Kali Linux

Joseph Muniz, Aamir Lakhani
Hands-On AWS Penetration Testing with Kali Linux

Hands-On AWS Penetration Testing with Kali Linux

Karl Gilbert Gupta, Benjamin Caudill

Publisher Resources

ISBN: 9781783988525