Advanced directory traversal attacks against Linux

<h1>What is a directory traversal attack?</h1> <p>Directory traversal is a web vulnerability that allows an attacker to read files on the server that the application is running on.</p> <p>These examples prove that it&rsquo;s not only possible to read files but also do a lot more unintended actions. These examples focus on Linux and ASP .net.</p> <p>This is a follow-up article from:&nbsp;<a href="https://medium.com/system-weakness/advanced-directory-traversal-attacks-and-remediation-in-asp-net-core-bb15997c34a1" rel="noopener">https://medium.com/system-weakness/advanced-directory-traversal-attacks-and-remediation-in-asp-net-core-bb15997c34a</a></p> <p><strong>Example vulnerable code</strong></p> <p>This dotnet code reads a (text) file from MyFolder and returns the content. The filename is retrieved from the filename query string parameter.</p> <p><a href="https://medium.com/@jeroenverhaeghe/advanced-directory-traversal-attacks-against-linux-6a9a7ab27766"><strong>Read More</strong></a></p>
Tags: Against Linux