Self Notes: Web Security Academy Directory Traversal Lab 5

Lab 6 Link

To solve this lab we need to exploit path traversal vulnerability in the image display endpoint, the application validates the supplied path starts with the expected folder. Let's test the application behavior:


Server Response:


Nothing is blocked so we exploit the application using this request:


Response from Server:


Lab Solved!

Comments

Popular posts from this blog

Before You Dive In...

OverTheWire: Bandit Lab

SSRF Notes: PortSwigger Labs Continued