[Access Control] Lab 1: Traversal Lab



This is the first lab, part of my Burp Suite learning pathway as I work toward becoming Burp Suite certified.





The first step I always take when trying to find a vulnerability in a web application is loading the web page with my proxy off, just so I can interact with the website and get an understanding of the structure of the site.

So it is a site with lots of images. Now I'll turn on FoxyProxy and see what requests are being sent.

As we can see, there is potential for a file path traversal.



I'm going to send this request to Repeater so I can mess with it and see the response.




The reason that I did


is because the website would be located in a



This will allow us to traverse up into the parent directory each time, since that is how Linux interprets it. That let me traverse the system through the parent directories all the way to the /etc/passwd file in Linux, and we were able to get a response from the server with that file's contents.
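The server-side check that stops this kind of traversal, as an added example (not part of the original post and not the lab's code): it compares a handler that joins the requested filename onto the image directory unchecked with one that canonicalizes the path and rejects anything outside that directory. The directory layout, file names and function names are constructed for illustration.

```python
import os
import tempfile

def naive_resolve(base_dir, filename):
    """Vulnerable pattern: the request value is joined onto the base directory unchecked."""
    return os.path.normpath(os.path.join(base_dir, filename))

def safe_resolve(base_dir, filename):
    """Return the canonical path if it stays inside base_dir, otherwise None."""
    if "\x00" in filename:
        return None
    base = os.path.realpath(base_dir)
    # realpath collapses ".." and follows symlinks before the containment check
    candidate = os.path.realpath(os.path.join(base, filename))
    # commonpath compares whole components, so /x/images2 is not "inside" /x/images
    if os.path.commonpath([base, candidate]) != base:
        return None
    return candidate

def build_demo_tree():
    """Constructed layout: <root>/images/cat.jpg is servable, <root>/secret.txt is not."""
    root = tempfile.mkdtemp()
    images = os.path.join(root, "images")
    os.mkdir(images)
    with open(os.path.join(images, "cat.jpg"), "wb") as f:
        f.write(b"constructed image bytes")
    with open(os.path.join(root, "secret.txt"), "w") as f:
        f.write("file outside the image directory")
    # A symlink inside the image directory that points outside it
    os.symlink(os.path.join(root, "secret.txt"), os.path.join(images, "link.jpg"))
    return root, images

def classify(images, requests):
    """Map each requested filename to 'served' or 'rejected' under safe_resolve."""
    return {r: ("served" if safe_resolve(images, r) else "rejected") for r in requests}

if __name__ == "__main__":
    root, images = build_demo_tree()
    sample = ["cat.jpg", "../secret.txt", "sub/../../secret.txt",
              os.path.join(root, "secret.txt"), "link.jpg"]
    for name, verdict in classify(images, sample).items():
        print(f"{verdict:9} {name}  (naive handler would open {naive_resolve(images, name)})")
```

Only `cat.jpg` is served; the parent-directory, absolute-path and symlink requests are all rejected because their canonical path falls outside the image directory.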

