Web Application Part 1: Page Source and Directory Traversal

A Cyber Security Research Dumpsite

Web Application Part 1: Page Source and Directory Traversal

Page Source Review:

 Viewing the source code within a web browser may identify hidden content or comments within the code that may infer more information about the end site or program logic.

Example:

Go to the web page, you can either right click and select page source or if you are using Mozilla you can go on Developer Tools > Page Source.

Then another tab with the page source will open. After searching through the page source, I found this:

Obviously, this is just an example. Here, we can see that the person tried to hide a credentials file within the page source (bad idea). I clicked the file and it gave me the username and password.

 


Directory Traversal:

Definition

Summary: Directory Traversal is a technique that can be used to read files on a web server that were never intended to be accessed. This is usually intruded through insecure coding practices.

In-Depth: Web applications such as Apache normally serve information under a given folder structure. 

By default on a linux host this is usually ‘/var/www’ or ‘/var/www/html’. 

Default homepages such as ‘index.html’ would reside in this folder structure, for example: ‘/var/www/html/index.html’. If the web server hasn’t been configured properly, it might be possible to use the web server to browse content out of the folder system using Directory Traversal.

For example, if the application permits a request to access ‘/images/test.jpg’, which would normally be in the full disk path ‘/var/www/html/images/test.jpg’, we could enter the following to navigate outside of the web area: ‘../../../etc/passwd’. This is telling the server to go back 3 directories to the root of the file system and then get ‘/etc/passwd’ which contains the user names of the operating system.

Example:

Then, I right clicked on one of those pictures to get its URL path so I have a rough idea of what to do:

Now I had a rough idea of the format. Then I experimented with different techniques (Directory Traversal is also a guessing game). After multiple attempts, I got a response:

Then I saved the file and then opened its located folder and dragged the file onto my Mozilla browser:

Or alternatively, just open it with a text editor.