1. Use basic directory traversal: ../../../../etc/passwd 2. Use absolute path: /etc/passwd 3. Use recursion: ..././..././..././..././etc/passwd 4. Use double url encoding %25%32%65%25%32%65%2...

Lab 6 - Directory Traversal - File path traversal, validation of file extension with null byte bypass Lab Objective: This lab contains a path traversal vulnerability in the display of product i...

Lab 5 - Directory Traversal - File path traversal, validation of start of path Lab Objective: This lab contains a path traversal vulnerability in the display of product images. The application ...

Lab 4 - Directory Traversal - File path traversal, traversal sequences stripped with superfluous URL-decode Lab Objective: This lab contains a path traversal vulnerability in the display of pro...

Lab 3 - Directory Traversal - File path traversal, traversal sequences stripped non-recursively Lab Objective: This lab contains a path traversal vulnerability in the display of product images....

Lab 2 - Directory Traversal - File path traversal, traversal sequences blocked with absolute path bypass Lab Objective: This lab contains a path traversal vulnerability in the display of produc...

Lab 1 - Directory Traversal - Simple Case Lab Objective: This lab contains a path traversal vulnerability in the display of product images. To solve the lab, retrieve the contents of the /etc/p...

Introduction Directory traversal or also known as file path traversal is a vulnerability that allows an attacker to read files on the server that is running the application. Reference: Rana K...

Authentication Mystery Labs Checklist There are two types of authentication methods we will examine. The first involves using credentials, where we will test default credentials. The second invo...

Lab 14 - 2FA bypass using a brute-force attack Lab Objective: This lab’s two-factor authentication is vulnerable to brute-forcing. You have already obtained a valid username and password, but d...