"The word 'radical' derives from the Latin word for root. Therefore, if you want to get to the root of anything you must be radical. It is no accident that the word has now been totally demonized..." -- Gore Vidal
This is just a basic article on Directory transversal. You may find it useful for some of hts’s realistic missions.
Disclaimer: I do not take any responsibility for any of the information in this document or the uses it is put to.
What is directory transversal?
Simply it is a way do navigate from one web page to another usually the one above it.
It is similar to using the cd command in MS-DOS.
It works like this.
Add /../ to the end of any web address and it will take you back to the directory above it.
Simple isn’t it.
If we had a URL like this, www.somewebpagehere.com/a/b/c now if we were to add /../ to the end like so, www.somewebpagehere.com/a/b/c/../ then it would take us back to www.somewebpagehere.com/a/b. If you were to add /../../to the end it would take you back to www.somewebpagehere.com/a.
Okay so now you understand the basics of directory transversal.
Here’s where things get a little trickier.
Say you had this scenario. Folder A contains file B and file C and you want to get from B to C. So you are at www.webpage.com/B what you have to do is add /../C. so you end up with, www.webpage.com/B/../C this takes you from file B to folder A and then down to file C.
How is this useful?
As you progress in hts you will come across many situations where directory transversal is useful for completing a mission. So go and try it and you will find out exactly how it can be used.
Thanks for reading my article I hope it was useful.
neco
Cast your vote on this article 10 - Highest, 1 - Lowest
Comments: Published: 26 comments.
HackThisSite is the collective work of the HackThisSite staff, licensed under a CC BY-NC license.
We ask that you inform us upon sharing or distributing.
