I have an Apache server which seems to be vulnerable to Path traversal, because when I test This url : http://localhost/ati/../test.txt
it will be changed to the this: http://localhost/test.txt and the server shows the contents of test.txt file.
However, when I test this url: http://localhost/ati/../../../../../../../../../../../../../../../../../../../etc/apache2/apach2.conf
the url will be changed to: http://localhost/etc/apache2/apache2.conf and therefore the server gives a 404 Not found response and does not show the content of apache2.conf file.
My first question is: Does it mean that I am secure against path traversal attack regarding the fact that I have not changed any default settings of the Apache on my server?
And my second question is: why the server does not allow to traverse beyond the root of the web server folder? i.e. why can't I access outer files than localhost folder on my web server? How can I exploit path traversal if my server is vulnerable?
Aucun commentaire:
Enregistrer un commentaire