Directory traversal (reproduction and use) - Code World

Directory traversal (reproduction and use)

Others 2020-01-20 14:11:57 views: null

Environment: Kali built apache2

recurrent:

Default configuration, the file will be added to the apache project path

/ Was / www

At this time apache2.conf default configuration is as follows:

<Directory /var/www/>
    Options Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

Access path kali store files, identify vulnerabilities:

repair:

Modify apache2.conf, prohibit directory traversal:

<Directory /var/www/>
    Options -Indexes FollowSymLinks
    AllowOverride None
    Require all granted
</Directory>

Restart apache2, and re-access, then access to the file can not be found in the list:

reference:

https://www.cnblogs.com/wlfsky/p/10570078.html

https://www.fujieace.com/penetration-test/directory-traversal-2.html

Summary :

1, phpstudy modify apache httpd.conf in the corresponding parameter modification options invalid, presumably phpstudy on the web system security reinforcement done.

2, this case corresponds apache2.conf httpd.conf configuration file in the apache

Guess you like

Origin www.cnblogs.com/smartmsl/p/12217584.html

Directory traversal (reproduction and use)

../../ directory traversal

Nginx directory traversal vulnerability

scandir file directory traversal

python recursive directory traversal

Detailed directory traversal attacks

File class: directory traversal

python file directory traversal

apache prohibits directory traversal

nginx directory traversal vulnerability reproducibility

nginx directory traversal vulnerability reproducibility

Subdirectories and files in the directory traversal Python

python: file, directory traversal device

Penetration of the road base - directory traversal

[Nginx] nginx directory traversal vulnerability

Linux directory traversal (cd command)

WebGoat (A1) Injection Path traversal (directory traversal / path traversal)

p God python directory traversal, reptiles

File Operation Security - Directory Traversal Principles

pikachu shooting range-../../ (directory traversal)

Vulnerability reproduction: making use of Kali Trojans

Tongda OA arbitrary user login reproduction (manual use & script use)

Use Ajax Json array traversal

Docker Symlink Directory traversal vulnerability (CVE-2018-15664)

python3.7 script --- specify all files within the directory traversal

With files in the output directory traversal linuxC language folders and files

PHP0013: PHP file case operating phpdamin directory traversal

Pikachu-URL redirects, directory traversal, disclosure of sensitive information

pikaqiu practice platform -URL redirection, directory traversal, disclosure of sensitive information

Time family functions and directory traversal of C language practical algorithm series

Recommended

The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!

Ranking

Getting the basic concepts of ROS + catkin Profile

Spring Learning (2) --- Assembling Beans in the IoC Container

js to get the src attribute of the image regularly

STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud

Short video learning - 3, pandas simple use of pivot_table

Print directory of project configuration log, output log

Understand the difference between vi and vim in Linux in 3 minutes

1 + x certificate Web front-end development HTML5 special exercises

mangodb save and insert the difference

7-1 Family tree processing (50 points) (binary tree solution)

Daily

More

2024-05-13(8)

2024-05-12(28)

2024-05-11(32)

2024-05-10(34)

2024-05-09(32)

2024-05-08(18)

2024-05-07(34)

2024-05-06(6)

2024-05-05(0)

2024-05-04(18)