In this session we run a directory traversal attack on a server that is running basic file extension validation on provided filenames.
We make use of a null byte injection attack to convince the server that the provided filename has the correct extension, when we are actually requesting the contents of /etc/passwd, which has no filename extension.
00:00 Intro
00:24 Exploring the lab
01:38 File extension validation
02:11 Null byte Injection
04:07 Sending the null byte payload
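
The extension check described above, seen from the defender's side, as an added example that is not part of the original video description: a Python sketch that puts the extension-only check next to a hardened resolver. The base directory, function names and sample request value are assumptions constructed for illustration, and `c_string_view` only models how a C-backed file API stops reading at the first null byte.

```python
import os

BASE_DIR = "/var/www/images"  # assumed image directory, illustration only

# Constructed sample request value: traversal plus a null byte before the extension.
SAMPLE = "../../../etc/passwd\x00.png"


def weak_is_allowed(filename: str) -> bool:
    """Extension-only validation: inspects the end of the raw string."""
    return filename.endswith(".png")


def c_string_view(filename: str) -> str:
    """Model of a C-backed file API: the name ends at the first NUL byte."""
    return filename.split("\x00", 1)[0]


def resolve_safely(filename: str, base_dir: str = BASE_DIR) -> str:
    """Hardened check: reject NUL bytes, check the extension, confine to base_dir."""
    if "\x00" in filename:
        raise ValueError("NUL byte in filename")
    if not filename.lower().endswith(".png"):
        raise ValueError("extension not allowed")
    base = os.path.realpath(base_dir)
    # Canonicalise first, then compare, so ../ sequences and absolute
    # paths are judged by where they actually point.
    target = os.path.realpath(os.path.join(base, filename))
    if os.path.commonpath([base, target]) != base:
        raise ValueError("path escapes base directory")
    return target


if __name__ == "__main__":
    print("weak check accepts sample:", weak_is_allowed(SAMPLE))
    print("name a C API would open:  ", c_string_view(SAMPLE))
    for name in (SAMPLE, "../../../etc/passwd.png", "logo.png"):
        try:
            print(repr(name), "->", resolve_safely(name))
        except ValueError as exc:
            print(repr(name), "-> rejected:", exc)
```

The validator and the file API disagree about where the filename ends, so the hardened version refuses the null byte outright and makes its path decision on the canonicalised result rather than on the raw string.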