What is Directory Traversal?

Показать описание

👩‍🎓👨‍🎓 Learn about Directory Traversal vulnerabilities. In this video, we are going to look at some basic strategies to test for directory traversal issues.

Overview:
00:00 Intro
00:16 Lab overview
01:16 Inspect HTTP responses
01:50 Simple Directory Traversal
02:52 Absolute Path Traversal
04:00 Non-Recursive Sanitization Traversal
05:00 Conclusion

---

Рекомендации по теме

Комментарии

studying for pentest+ and wanted more exposure to this type of attack. WOW you are great! LOVED the last one where it strips the ../ and still able to execute, very very crafty and sneaky!! Gonna check out some more of your videos. I'm having trouble with injection and buffer overflow attacks, hoping u have videos on them.

vrealitygaming

This video taught me more in 6 mins then reading 2 chapters of a the comptia security + book😂

AngryAmericanVet

The problem I have with trying to find this particular vulnerability is I can’t find the file name parameter. I test other fields and so far no luck in find the root etc passed. Is there any suggestions that might help me find this bug I have been told it can be anything.

But these tutorials specially go after file name.

AnthonyMcqueen

How do you know the file names to search for like etc/passwd? do you just take a guess at famous patterns?

Abdulrahman-wukf

Thanks for such great content.

I just wanted to know which tool you’re using? POSTMAN? I can’t find this in postman to see raw rendered data to send request back again like you did in video.

Please guide!

Thanks!

dramasreviewer

I spent 2 hours
it shouldn't be that simple :(
Thanks Dude <3

whoami_root

Hai can you please make a video about Insecure deserialization hole lab in portswigger I have so doughts like how it works in background everything please... can help me with that

julianjulian

Yeah I had a question, what i have to do, if i get response "301 Moved Permanently!"

SanthoshN-qh

ChatGPT taught me how to express thanks with emoticons:🌟💐🎁🎉🎊👏🤗🥰💖❤🙌🌺🌻🌷🌼🍀🍃🌈🌞

落珰

hey Bro your tuto video is great... Can you experiment on real website ? it will be good for us also look you found a bug

jokerr

man your mic sucked (I know this is 2 years old video but still since I am watching it today), whenever you take a breath it sends spikes through my ears

suvashsharmasubedi

What is Directory Traversal?

What is directory traversal? (file path traversal) - Web Security Academy

What is Directory Traversal?

What is Directory Traversal?

Directory Traversal Attacks Made Easy

Directory Traversal | Complete Guide

Is Your Site Vulnerable to Directory Traversal?

Directory Traversal and Command Injection - CompTIA Security+ SY0-401: 3.5

Path traversal attack

PHP Insecure Deserialization in Detail || Ethical Hacking

LFI and Path Traversal are different

What is directory traversal? (file path traversal) - @securiumacademy

Penetration Testing - Path Traversal Attack

Directory Traversal

Directory Traversal attack

Testing for directory traversal vulnerabilities with Burp Suite

What is Path Traversal Vulnerability | Explained | CyberSecurity | Web Application Security

WHAT IS DIRECTORY TRAVERSAL | 'Hackers' Favorite Trick | DIRECTORY TRAVERSAL IN HINDI

Mastering Directory Traversal: A Comprehensive Guide from Basics to Prevention

Directory traversal 1/2 DOMAIN 2 #comptiacysa

Directory Traversal Attacks Explained

What is Directory Traversal Attack | #BugHunting

What is Directory Traversal #DirectoryTraversal #shorts

What is Local File Inclusion? How Directory Traversal Works? Hunt for Path Traversal | Bug Bounty

[Hindi] Directory Traversal Attack | Path Traversal Attack | How to Find | Code review | Mitigations