Path Traversal - Google Gruyere // Information disclosure via path traversal // walk-through

Disclaimer This is educational purpose video only. I did not harm anyone I just do ctfs and make that walkthrough and explain what of the method here in use, so please don&use this because hacking is crime if you do this then it&can land you in jail. I¬ support any kind of illegal or malicious of illegal or malicious hacking. -------------------------------------------- Path Traversal Most web applications serve static resources like images and CSS files. Frequently, applications simply serve all the files in a folder. If the application isn&careful, the user can use a path traversal attack to read files from other folders that they shouldn&have access to. For example, in both Windows and Linux, .. represents the parent directory, so if you can inject ../ in a path you can "escape" to the parent directory. If an attacker knows the structure of your file system, then they can craft a URL that will traverse out of the installation directory to /etc. For example, if Picasa was vulnerable to path traversal (it isn&and the Picasa servers use a Unix-like system, then the following would retrieve the password file: Information disclosure via path traversal Find a way to read secret.txt from a running Gruyere server. Amazingly, this attack is not even necessary in many cases: people often install applications and never change the defaults. So the first thing an attacker would try is the default value. Hint 1 This isn&a black box attack because you need to know that the...