Lab: Path Traversal
This was a basic lab demonstrating a security flaw present in some websites: by exploiting it, an attacker is able to traverse the file system of the hosting server.
I start the lab by accessing the website:
There were no obvious discrepancies on the website, so I refresh the page, but this time I am intercepting my requests in Burp Suite.
I previously learned in the section how the website's `GET` requests can be manipulated, and in my intercepted request the website was trying to get the images for the products.
I knew from my Linux courses that on Linux servers the HTML resources, i.e. the web server's document root, are generally under `/var/www/`.
And from the request we are in the `images` folder within the website root, so all I needed to do was backtrack to `/` and from there navigate to `/etc/passwd`:
And as you can see, this gave me the `/etc/passwd` file I was looking for.
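To show why the lab's image endpoint leaks `/etc/passwd` and how a server should stop it, here is an added example (not the lab's code): a constructed directory layout mirroring `/var/www/images` and `/etc/passwd` inside a temporary folder, a handler that naively joins the requested filename, and a hardened handler that resolves the path and refuses anything outside the images directory. All paths and file contents are hypothetical.

```python
import tempfile
from pathlib import Path

# Constructed stand-in for the server layout (hypothetical, built in a temp dir):
#   <base>/var/www/images/product1.jpg   -> the web root's images folder
#   <base>/etc/passwd                    -> a file outside the web root
BASE = Path(tempfile.mkdtemp(prefix="traversal_demo_"))
IMAGES_DIR = BASE / "var" / "www" / "images"
IMAGES_DIR.mkdir(parents=True)
(IMAGES_DIR / "product1.jpg").write_bytes(b"JPEGDATA")
(BASE / "etc").mkdir()
(BASE / "etc" / "passwd").write_bytes(b"root:x:0:0:root:/root:/bin/bash\n")


def serve_image_vulnerable(filename: str) -> bytes:
    """Vulnerable: joins user input straight onto the images folder.

    The OS resolves the '..' segments, so a request for
    '../../../etc/passwd' walks up past the web root and reads the
    file the lab exfiltrated."""
    return (IMAGES_DIR / filename).read_bytes()


def serve_image_safe(filename: str) -> bytes:
    """Hardened: canonicalise, then check the result is still under IMAGES_DIR.

    resolve() collapses '..' and follows symlinks, so the containment check
    runs on the real target. Joining an absolute filename (e.g. '/etc/passwd')
    discards the base, which the same check also rejects."""
    base = IMAGES_DIR.resolve()
    target = (base / filename).resolve()
    if base not in target.parents:  # also rejects target == base itself
        raise PermissionError(f"path escapes images directory: {filename!r}")
    return target.read_bytes()


if __name__ == "__main__":
    print(serve_image_safe("product1.jpg"))
    print(serve_image_vulnerable("../../../etc/passwd"))
    try:
        serve_image_safe("../../../etc/passwd")
    except PermissionError as exc:
        print("blocked:", exc)
```

For detection, the same traversal shows up in access logs as `..%2f` or `../` sequences in the `filename` parameter, which is a cheap signal to alert on.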