Mohammed Tiba
Apr 3, 2023

File path traversal, simple case

the initial step is to examine how the website functions. It is an e-commerce website that features a number of interesting products. It is advisable to read the product descriptions, even though it does not help with the lab.

Start by using /etc/passwd as the filename and adding some ../ to the beginning. It results in a “No such file” error with ../../etc/passwd, but once I go up three levels, this changes:

Mohammed Tiba

Mohammed Tiba
Mohammed Tiba

Written by Mohammed Tiba

I'm a cybersecurity engineering student with a keen interest in defensive security and pentesting.

No responses yet