A Directory traversal or path traversal, is a web security vulnerability that discloses the contents of directories on a server running an application.
This could lead to a local file inclusion (LFI) vulnerability which discloses the content of files saved on a server.
If the files exposed include application code or data, credentials for back-end systems, or sensitive operating system files, an attacker could utilize this information to compromise the hosting server.
The below list contains examples of possible strings used to enumerate directories through a URL.
Below them are lists of possible Linux and Windows operating systems that could contain sensitive information.
EXAMPLE: https://osbornepro.com/../../../etc/passwd
If you do not have appropriate permissions to test a website or application, DO NOT TOUCH IT!!!
OsbornePro LLC. copyright © . All Rights Reserved.