Wednesday , November 21 2018
Home / IT Security / Security+ / Directory Traversal/Command Injection
Directory Traversal Command Injection

Directory Traversal/Command Injection

Directory Traversal and Command Injection: If an attacker is able to gain access to restricted directories (such as the root directory) through HTTP, it is known as a directory traversal attack.

If the attackers can gain access to the root directory of a system (which is limited from all but administrative users), they can essentially gain access to everything on the system.

Bear in mind that the root directory of a website is far from the true root directory of the server; an absolute path to the site’s root directory is likely to be something in IIS (Internet Information Server), such as C:\inetpub\wwwroot.

If an attacker can get out of this directory and get to C:\windows, the possibility for inflicting harm is increased exponentially.

One of the simplest ways to perform directory traversal is by using a command Injection attack that carries out the action.

For example, exploiting a weak IIS implementation by calling up a web page along with the parameter cmd.exe?/c+dir+c:\ would call the command shell and execute a directory listing of the root drive (C:\).

With Unicode support, entries such as %C%1C and %C%af can be translated into / and \ respectively.

The ability to perform command injection is rare these days. Most vulnerability scanners will check for weaknesses with directory traversal/command injection and inform you of their presence.

To secure your system, you should run such a scanner and keep the web server software patched.

About Jahanzaib Khan

Jahanzaib Khan is the CEO of JahaSoft.Pk A Web Development, Digital Marketing & Web Hosting Company Based in Pakistan. https://www.JahaSoft.pk

Check Also

Dixons Carphone: Breach Hit 10 Million Personal Records

Dixons Carphone: Breach Hit 10 Million Personal Records

Dixons Carphone has revealed its estimation of how much the customer data was stolen in …

Leave a Reply

Your email address will not be published. Required fields are marked *