Directory Traversal in another and critical web application vulnerability which arises due to lack of validation from the server-side.
Directory traversal allow an attacker to read change the directory from the server and read the content of the other directories. For example, in Linux based servers the location for the webserver is
and if the website is inside this location then it will look like this
and if the attacker is able to do directory traversal attack he will use a basic command like payload and will go back to one directory or more and read the content of other directories in a simple way in command line
if you want to change your directory you use
cd command and if you want to go back to one directory like from
/var/www/ we use
cd ../ in the same way, if attacker add
www.example.com/../ we will go one directory back & can read the content of that directory and if he continues adding
../../ we will go back to the directories.
Let’s take an example if the website is Linux based and as you know it will be inside
/var/www/html in html folder, there is one directory called image and all images are stored inside that directory which you see on the web page
www.example.com/hello.jpg and if you do
../../../../../../../ you will be inside the root directory and then you can change the directory
( it doesn’t matter how many
../you add, if you add too many still you will be in the one directory when you reach the last )
once you are the last directory you can even change your directory like
www.example.com/../../../../../../../../../../../etc/passwd in this example first, you went to the root directory and then you are trying to go inside /etc to read the passwd file.
in case of windows, you have both the option available
../ or ..\ both will work. you can even check out this payload list.