HTTP for Web Developers
▪ Hypertext Transfer Protocol (HTTP) is the foundation of any data exchange on the Web.
▪ It is a protocol used for transferring hypertext (HTML) between client (browser) and server.
▪ A request-response protocol: the client sends an HTTP request; the server sends back a response.
▪ Common methods:
▫ GET: Retrieve information from the server.
▫ POST: Submit data to the server (e.g., form submission).
▫ PUT: Update data on the server.
▫ DELETE: Remove data from the server.
Stateless Characteristics in HTTP
▪ What Does Stateless Mean?
▫ Each request made by the client is independent, and the server does not retain information between requests.
▫ No built-in mechanism to remember past interactions.
▪ Implications of Statelessness
▫ The server treats each request as a new one with no memory of prior requests.
▫ Makes scaling easier but requires extra mechanisms (like sessions) for maintaining continuity.
Sessions, Cookies, and Query Strings in HTTP
▪ Why We Need Sessions
▫ To maintain user state on the server side across multiple requests in a stateless protocol.
▫ Example: Shopping cart data, user login status.
▪ Cookies
▫ Small pieces of data stored on the client side (in the browser) and sent with each request.
▫ Purpose: Remember user preferences, login status, and user activity across different pages.
Sessions, Cookies, and Query Strings in HTTP
▪ Query Strings
▫ Information appended to the URL (e.g., ?key=value&key2=value2).
▫ Purpose: Pass data between web pages (e.g., search results).
▫ Limitations: Not secure for sensitive information, prone to URL manipulation.
Path Traversal
▪ Path traversal is also known as directory traversal. These vulnerabilities enable an attacker to read arbitrary files on the server that is running an application. This might include:
• Application code and data.
• Credentials for back-end systems.
• Sensitive operating system files.
▪ In some cases, an attacker might be able to write to arbitrary files on the server, allowing them to modify application data or behavior, and ultimately take full control of the server.
Injection Attacks – Path Traversal
Path Traversal – Example
▪ Writing to file scenario:
▫ A web page accepts two parameters from the user:
▫ A filename to write content to.
▫ Content to be written to the file.
Path Traversal – Example
▪ Reading file scenario:
▫ A web page accepts the file name a user wants to read.
▪ What if the user knows the path of a sensitive file and enters the full path of that file?
How to prevent a path traversal attack
▪ Validate the user input before processing it. Ideally, compare the user input with a whitelist of permitted values. If that isn't possible, verify that the input contains only permitted content, such as alphanumeric characters only.
▪ After validating the supplied input, append the input to the base directory and use a platform filesystem API to canonicalize the path. Verify that the canonicalized path starts with the expected base directory.
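The two prevention steps above, carried out in code. This is an added example, not code from the original slides; the base directory `/var/www/app/uploads` and the sample file names are constructed for illustration.

```python
import os
import re
from typing import Optional

# Hypothetical base directory for this example; a real app would use its own.
# realpath() here so the later prefix comparison is canonical on both sides.
BASE_DIR = os.path.realpath("/var/www/app/uploads")

# Step 1: allow-list of permitted characters (one plain file name, no separators).
_SAFE_NAME = re.compile(r"^[A-Za-z0-9._-]+$")


def resolve_safe_path(user_name: str, base_dir: str = BASE_DIR) -> Optional[str]:
    """Return the canonical path for a user-supplied file name, or None if rejected."""
    # Step 1: reject anything that is not a plain name of permitted characters.
    # Separators are excluded, so "../x" and "/etc/x" never reach the filesystem.
    if not user_name or not _SAFE_NAME.fullmatch(user_name):
        return None
    # Step 2: append to the base directory and canonicalize.
    # realpath() resolves "." and ".." components and follows symlinks, so a
    # symlink inside the base directory that points outside is also caught.
    candidate = os.path.realpath(os.path.join(base_dir, user_name))
    # Step 3: the canonical path must be strictly inside the base directory.
    # The trailing separator stops "/var/www/app/uploads-old" from matching.
    if not candidate.startswith(base_dir + os.sep):
        return None
    return candidate


def is_allowed(user_name: str) -> bool:
    """True if the name would be served, False if it is rejected."""
    return resolve_safe_path(user_name) is not None


def check_samples() -> dict:
    """Run constructed sample inputs through the check (constructed, not real data)."""
    samples = [
        "report.txt",        # plain name: accepted
        "../../config.ini",  # traversal sequence: fails the allow-list
        "/etc/hosts",        # absolute path: fails the allow-list
        "..",                # passes the allow-list, caught by the canonical check
        "",                  # empty: rejected
    ]
    return {name: is_allowed(name) for name in samples}


if __name__ == "__main__":
    for name, ok in check_samples().items():
        print(f"{name!r:20} -> {'served' if ok else 'rejected'}")
```

The ".." case shows why step 2 matters even after step 1: it passes a character allow-list, and only canonicalization plus the prefix check rejects it.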
Labs for Path Traversal
▪ Lab: File path traversal, simple case
▫ https://portswigger.net/web-security/file-path-traversal/lab-simple
▪ Lab: File path traversal, traversal sequences blocked with absolute path bypass
▫ https://portswigger.net/web-security/file-path-traversal/lab-absolute-path-bypass