Path Traversal a.k.a Directory Traversal:
Path traversal is an attack which aims to access files and directories outside the web root folder such as Application code and data, Credentials for back-end systems and Sensitive operating system files. The attack is generally carried out by using directory traversal commands of the command line, depending on the operating system being used.
in Linux, it is the dot dot slash (../) and in windows, dot dot backslash (..\)
Path Traversal Lab:
Upon beginning the path traversal lab in Web Security academy, the first page again provides a brief description on what path traversal is. The next page provides a basic example on how to perform the attack. We then come to the final page with the link to access the lab, along with instruction on what file to access.
The images on a server are stored in a directory - /var/www/images/. This information is the reference as to where the starting point is.
The starting page of the the lab is in the screenshot below.
in the example, an image file link is used to access the files.
Following in a similar fashion, go to inspect link of an image in the browser
In the inspect tab find the link to the image and open the image in a new tab
Once the image is open in a new tab, go to the URL
and replace the part "12.jpg with the direction to the /etc/passwd file
This will access the /etc/passwd file. Although the file is not displayed, the lab will display as passed.