Contact us: info@akimbocore.com

Path Traversal Cheat Sheet: Linux

Published: 06 August 2021    Last Updated: 03 November 2022

Got a path/directory traversal or file disclosure vulnerability on a Linux-server and need to know some interesting files to hunt for? I’ve got you covered Know any more good files to look for? Let me know!

The list included below contains absolute file paths, remember if you have a traversal attack you can prefix these with encoding traversal strings, like these:


Continue Reading

Path Traversal Cheat Sheet: Windows

Published: 06 August 2021    Last Updated: 03 November 2022

Got a path/directory traversal or file disclosure vulnerability on a Windows-server and need to know some interesting files to hunt for? I’ve got you covered Know any more good files to look for? Let me know!

The list included below contains absolute file paths, remember if you have a traversal attack you can prefix these with encoding traversal strings, like these:


Continue Reading

Exploiting Path Traversal

Published: 07 June 2021    Last Updated: 03 November 2022

Path Traversal, also known as Directory Traversal, is a vulnerability where a user can alter a path used by an application. For file retrieval functionality this can allow an attacker to access files that are not intentionally disclosed. For file upload functionality this can allow for website defacement, code execution and stored cross-site scripting attacks.


Continue Reading