4.6. Directory traversal

4.6.1. brief introduction

Directory traversal （ Also known as directory traversal /directory traversal/path traversal） By using ../ And so on directory control sequence or file absolute path to access any file and directory stored on the file system , Especially the application source code 、 The configuration file 、 Important system files, etc .

4.6.2. Attack load

4.6.2.1. URL Parameters

• ../
• ..\
• ..;/

4.6.2.2. Nginx Off by Slash

• https://vuln.site.com/files../

4.6.2.3. UNC Bypass

• \\localhost\c$\windows\win.ini

4.6.3. Filter around

• Single replacement

  • ...//
• URL code

• 16 position Unicode code

  • \u002e

• Super long UTF-8 code

  • \%e0%40%ae

4.6.4. defense

In the process of file operation API front , User input should be filtered . Whitelist can be used under strong rules , Only alphanumeric characters are allowed .

If the rule allows more characters , It is best to use the current operating system path normalization function to normalize the path , To filter , Finally, make relevant calls .

4.6.5. Reference link

• Directory traversal by portswigger
• Path Traversal by OWASP
• path normalization
• Breaking Parser Logic: Take Your Path Normalization Off and Pop 0days Out defcon

    Recommended reading

【 Resource Recommendation 】

• Special system for penetration test

• kali-linux-e17-2019.1a-amd64.iso System image
• kali-linux-e17-2019.1a-amd64.iso System image _kalilinux Mirror image -Linux Document resources -CSDN download
• kali-linux-2018.4-amd64 operating system
• kali-linux-2018.4-amd64 operating system _amdkalilinux-Linux Document resources -CSDN download
• manjaro-xfce-17.1.7-stable-x86_64.iso System image
• manjaro-xfce-17.1.7-stable-x86_64.iso System image _manjaro Image download ,manjaro System download -Linux Document resources -CSDN download
• WiFi Special infiltration system nst-32-11992.x86_64.iso Operating system image
• nst-32-11992.x86_64.iso Operating system image .zip_ Explanation and actual combat of common password cracking tools -Linux Document resources -CSDN download
• Parrot-security-4.1_amd64.iso Operating system image
• Parrot-security-4.1_amd64.iso Operating system image _ParrotSecurity-Linux Document resources -CSDN download
• manjaro-xfce-17.1.7-stable-x86_64 operating system
• manjaro-xfce-17.1.7-stable-x86_64 operating system _manjaroxfce Installation tutorial -Linux Document resources -CSDN download
• cyborg-hawk-linux-v-1.1 operating system
• cyborg-hawk-linux-v-1.1 operating system _cyborghawk Virtual machine installation tutorial -Linux Document resources -CSDN download

• Penetration test related tools

• Practical column of penetration test
• 【kali Commonly used tools 】 Online behavior monitoring tool        
• Internet behavior tools _ Explanation and actual combat of common password cracking tools - Network security document resources -CSDN download
• 【kali Commonly used tools 】 Caught tools Charles Windows64 position Free version
• Caught tools CharlesWindows64 Bit free version _ Explanation and actual combat of common password cracking tools - Network monitoring document resources -CSDN download
• 【kali Commonly used tools 】 Graphic printing tool stamp.zip
• Graphic printing tool stamp.zip_intext:LexSaints- Manufacturing document resources -CSDN download
• 【kali Commonly used tools 】brutecrack Tools [WIFIPR Chinese version ] And wpa/wpa2 Dictionaries
• brutecrack Tools [WIFIPR Chinese version ] And wpa/wpa2 Dictionaries _wifipr course - Other document resources -CSDN download
• 【kali Commonly used tools 】EWSA 5.1.282- Bag breaking tools
• 【kali Commonly used tools 】EWSA5.1.282- Bag breaking tools _kali Bag running tool - Manage software document resources -CSDN download
• 【kali Commonly used tools 】Realtek 8812AU KALI Network card driver and installation tutorial
• 【kali Commonly used tools 】Realtek8812AUKALI Network card driver and installation tutorial _kalirtl8812au,kali install 8812au drive - Network device document resources -CSDN download
• 【kali Commonly used tools 】 Wireless signal search tool _kali to update
• 【kali Commonly used tools 】 Wireless signal search tool _kali to update _kali to update - Internet document resources -CSDN download
• 【kali Commonly used tools 】inssider Signal test software _kali Commonly used tools
• 【kali Commonly used tools 】inssider Signal test software _kali Commonly used tools - Network management software document resources -CSDN download
• 【kali Commonly used tools 】MAC Address modification tool Protect the terminal from exposure
• 【kali Commonly used tools 】MAC The address modification tool protects the terminal from exposure _mac Modifier -Linux Document resources -CSDN download
• 【kali Commonly used tools 】 Script management tools php and jsp page Receive command parameters Execute... On the server side
• Script management tools php and jsp The page receives command parameters and executes them on the server side _intext:LexSaints- Network security document resources -CSDN download

• Java Realize photos GPS location 【 Full script 】
• ReadPicExif.zip-Java Document resources -CSDN download
• Python Realize photos GPS location 【 Full script 】
• python Locate the exact location of the photo, complete code script _ How to locate the location through photos -Python Document resources -CSDN download
• The goddess forgot the photo album password python20 Line code open 【 Full script 】
• The goddess forgot the photo album password python20 Line code open .py_keepalive_timeout-Python Document resources -CSDN download
• python Modify the background color of the certificate 、 size 、 background 、 Cutout 【 Complete source code 】
• python Modify the background color of the certificate 、 size 、 background 、 Cutout 【 Complete source code 】_python Change the color of the certificate -Python Document resources -CSDN download

python actual combat

• 【python actual combat 】 Ex girlfriend wedding ,python Crack the wedding scene WIFI, Changed the name to
• 【python actual combat 】 Encrypted from my ex girlfriend “520 happy .pdf“, I use python After cracking , But found
• 【python actual combat 】 Last night, , I use python Help the little sister next door P ID Photo Selfie , And found that ...
• 【python actual combat 】 My girlfriend worked overtime in the middle of the night and took a selfie python Boyfriend uses 30 Line of code found the amazing secret
• 【python actual combat 】python you TM Too skinny —— Just so 30 One line of code can record every move of the keyboard
• 【python actual combat 】 I forgot the password of the goddess album , I only use Python Yes 20 Line code ~~~

【pygame Development practice development 30 example Complete source code 】

• pygame game 26 Cases and source code 【 common 400M】_pygame Game works ,pygame Game source -Python Document resources -CSDN download

【pygame Game development column , Get the full source code + course 】

• Come and learn together pygame Well Game development 30 example （ Two ）—— Tower defense game
• Come and learn together pygame Well Game development 30 example （ Four ）—— Tetris games  
• Practical column of penetration test
• Windows AD/Exchange Management column
• Linux High performance server architecture  
• PowerShell Automation column

CSDN Official learning recommendation ↓ ↓ ↓

• CSDN Out of Python Full stack knowledge map , too strong , I recommend it to you ！