Collaborate Disseminate
I came across DIRB which is used to find directories or files on the server. I have a website which has a login and every page will redirect to login page before you sign in. How do I run dirb on sites with authentication?
… Continue reading Using DIRB to find directories behind authentication [on hold]
suppose I have the following code that will display an image. The name of the image is supplied by the user as follows:
https://example.com/image.php?image=cat.jpg
My image.php file contains
$image = $_GET[‘image’];… Continue reading Is there a way to exploit file_get_contents that has a prepended website?
I am tasked with preventing a path traversal attack over HTTP by intercepting and inspecting the (unencrypted) transported data without direct access to the target server.
From some research it seems that a lot of the metho… Continue reading Preventing path traversal knowing only the input
Websites based on the Drupal content management system might be affected by a highly critical vulnerability that could result in remote code execution. The vulnerability affects websites running Drupal 8 with RESTful Web Services (rest) module enabled… Continue reading Drupal Patches Highly Critical Remote Code Execution Vulnerability
Hackers are exploiting vulnerabilities in a WordPress plug-in that was patched months ago without being publicly announced. A different vulnerability has been found in the same plug-in during a recent forensic investigation and has now been patched. I… Continue reading WordPress Sites Hacked Through Vulnerable Payment Forms Plug-in
I’m working on a php application that is handling file upload.
I’m trying to inject a path transversal payload in the filename such as /../../../../etc/.
The thing is that the vulnerable line of code is using the filename th… Continue reading Directory transversal in PHP with the $_FILES array?
This is my first time trying directory traversal and I found a web server online which had this vulnerability. I was however, unable to view the /etc/passwd file.
I could traverse up to the /etc directory. The passwd and sha… Continue reading Directory traversal – /etc/passwd unable to determine file format
I am about to start using https://find-sec-bugs.github.io.
It is reporting an error of: Bug type PATH_TRAVERSAL_IN for the following code:
def writeLocalFile(fileName: String, content: String): Unit = {
Files.write(Path… Continue reading Mitigate possible file traversal
I’m trying to run a directory traversal against the EdgeOS web server. I started the OWASP ZAP proxy with Firefox and tried to login with an incorrect username and password to look at the POST request. I am trying to modify t… Continue reading Running Directory Traversal Against POST Request Headers
I’m trying to fuzz an embedded web server. The problem is that the API requests require a user be logged in by sending a POST request with the username and password. Without the POST request the server will return a 403 error… Continue reading Sending a POST request with directory traversal attack