Member-only story
Exploiting Path manipulation Vulnerability
Introduction
We know the importance of Application security which is used to save the data and the assets of the organization. IN order to implement the application security a lot of frameworks are there such as SANS, OWASP etc. Every framework guides the developer about the importance of user input validation such as sanitization of user input, syntax, length and business SOP to accept that input. Input Validation can apply from a vast variety of attacks. Let Go through the manipulation vulnerabilities which occurs due to the input validation
What are path manipulation vulnerabilities?
In this vulnerability attackers access those files and directories that are stored outside the Webroot folder. Basically if any of the parameters of the application is fetching the files and there is no input validation on it, the attacker can manipulate the path with “../” sequence or with its encoding pattern, by using absolute file paths. Attackers can use this technique to access the files outside of the webroot directory and can access the sensitive files due to this. The sensitive files include source code files of the…
