What is File Path Traversal? Stealing the contents of the /etc/passwd file...
Details
| Title | What is File Path Traversal? Stealing the contents of the /etc/passwd file... |
| Author | z3nsh3ll |
| Duration | 12:01 |
| File Format | MP3 / MP4 |
| Original URL | https://youtube.com/watch?v=Wt0gk05MBz0 |
Description
In this video we'll answer the question 'What is File Path Traversal?'
It's a type of web security vulnerability that allows arbitrary read access on directories that should not be available to an end user.
In this lab we exploit vulnerable web images to steal the contents of the /etc/passwd file as proof of concept.
This content is provided free of charge. Buy me a coffee though!
https://buymeacoffee.com/zenshell
Please like and subscribe, it means a lot!
00:00 Intro
00:33 Why etc/passwd ?
01:15 Analysing the vulnerables images
03:21 Exploiting file path traversal vulnerability
05:13 Analysing the browser response to /etc/passwd request
06:55 Inspecting the response in Burp suite
08:11 Accessing the /etc/passwd through the browser
10:51 Summary
