Filename Leads to Path Traversal

3 years ago 219

Sesank Munukutla

Hello! My name is Surya Sesank M. I am a freelancer and pentester. Today I am going to share a path traversal finding that leads to sensitive information disclosure. I found this in a private program that has not been disclosed to the public, so I will call it test.com.

A path traversal attack (also known as directory traversal) aims to access files and directories that are stored outside the webroot folder. By manipulating variables that reference files with “dot-dot-slash (../)” sequences and its variations or by using absolute file paths, it may be possible to access arbitrary files and directories stored on the file system including application source code or configuration and critical system files.

Let's get into the story!

It is a shopping site. I checked all the parameters of the website and found a subdomain with a product id endpoint and a file upload feature, https://www.test.com/product=1?, which returns the stock information for that product id from the backend through another subdomain.

I opened Burp Suite, looked at the website's back-end requests, and found a filename parameter that I first tested for XSS.

I tried twice to upload a file through the filename parameter, but it did not work. I then tried to exploit XSS through an image upload using an image.svg.jpg file; that did not work either.

I took a break, came back, and tried another way. With the help of Medium articles and YouTube channels, I found a way to reach the root of the file system.

I captured the request, which returned 200 OK, and then tried a few bypass payloads in the filename parameter to reach the root of the server.

Some of them are:

../etc/passwd

../../..//etc/passwd

..../....//..../?etc/passwd

..//..//..//etc/passwd%00.png

I tried a few more variations to bypass the filter. You can also automate this step with one of the path traversal tools available on GitHub instead of doing it manually.
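The payload variations above (plain ../, URL-encoded slashes, a %00 suffix, and the ....// form) each target a specific weakness in how the server turns the filename parameter into a file path. The following Python example is added here to illustrate the definition of path traversal given earlier and those bypasses from the defender's side; it is not code from the original write-up or from the affected program. It shows a vulnerable resolver that joins user input to an upload directory, the broken "strip ../ once" filter that the ....// variant defeats, a hardened resolver that canonicalizes the path and checks containment, and a small detection helper that flags each variant in a request log. All file names and the upload directory are constructed sample values.

```python
import os
from urllib.parse import unquote


def resolve_unsafe(base_dir, filename):
    """Vulnerable pattern: the user-supplied filename is joined to the upload
    directory with no canonicalization and no containment check."""
    return os.path.join(base_dir, filename)


def naive_strip(filename):
    """A common but broken mitigation: delete '../' once. An input such as
    '....//' survives the deletion as '../', which is why that variant shows
    up in traversal wordlists."""
    return filename.replace("../", "")


def resolve_safe(base_dir, filename):
    """Hardened resolver: decode once, reject NUL bytes, canonicalize with
    realpath, and require the result to stay inside base_dir."""
    decoded = unquote(filename)
    if "\x00" in decoded:
        raise ValueError("NUL byte in filename")
    base = os.path.realpath(base_dir)
    # os.path.join discards base when 'decoded' is absolute, so an absolute
    # path such as /etc/passwd is caught by the containment check below.
    candidate = os.path.realpath(os.path.join(base, decoded))
    if os.path.commonpath([base, candidate]) != base:
        raise ValueError("filename escapes the base directory")
    return candidate


def is_rejected(base_dir, filename):
    """True when resolve_safe refuses the filename."""
    try:
        resolve_safe(base_dir, filename)
    except ValueError:
        return True
    return False


def escapes_relative_root(path):
    """True when a path, once normalized, is absolute or climbs above '.'."""
    norm = os.path.normpath(path)
    return os.path.isabs(norm) or norm == ".." or norm.startswith(".." + os.sep)


def looks_like_traversal(filename):
    """Detection helper for request logs: flags the variants from the write-up
    (plain ../, URL-encoded, NUL-byte suffix, and the ....// strip bypass)."""
    decoded = unquote(filename)
    if "\x00" in decoded:
        return True
    # Check the value as received and also after the strip-once filter,
    # which is exactly what the ....// form is built to survive.
    return escapes_relative_root(decoded) or escapes_relative_root(naive_strip(decoded))


# Constructed sample values (not taken from the report) covering each variant.
SAMPLE_FILENAMES = [
    "product1.png",
    "../../../etc/passwd",
    "....//....//....//etc/passwd",
    "..//..//..//etc/passwd%00.png",
    "..%2F..%2F..%2Fetc%2Fpasswd",
    "/etc/passwd",
]


def classify(filenames=SAMPLE_FILENAMES):
    """Map each filename to whether the detector flags it."""
    return {name: looks_like_traversal(name) for name in filenames}


if __name__ == "__main__":
    for name, flagged in classify().items():
        print(f"{'TRAVERSAL' if flagged else 'ok       '}  {name}")
```

The containment check compares canonical paths rather than strings, so it holds up against encoded slashes, absolute paths and symlinked upload directories; the NUL-byte check matters because a lower-level file API may truncate the name at the first NUL even when the web layer does not.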

Finally, I got it. I reached the root of the server, which confirms the path traversal and exposes sensitive information.

I reported it to the program. They accepted it as valid and rated it P3. I am still waiting for a reply.

All you need is patience.
