Directory Traversal or Backtracking | IgNiTeD SoUL

Logo
Categories
Categories
Tagz
.net 32 bit MMC 64 Bit MMC Active Directory Active Directory Roles Backup Bios Bitlocker CMD Ctrl c Truths DHCP Distribution Groups DNS Domain Controller Drivers Ebooks EF encrypted files ESX Exchange Server Failover Clustering Firewall FSMO Roles Global Catalog Group Policy Management Hard Disk Hyper-V Info Intersite Replication Intrasite Replication Ip Address Jobs kerberos Keyboard Shortcut Keys and Values Logon Issues Logon Script Maintenance MMC Networking Outlook Performance Tweak Printers Recovery Recycle Bin Registry Remote Procedure Call Replication Restore Point Robocopy Scheduled tasks search Security Server Server 2003 Server 2008 Startup System State System State Backup SysVol Task Manager Task Scheduler technology Theme Torrent Tricks Virtual Machine Backup Vista VM VMWare vpn Wi-Fi Windows 7 Workstation XP
Search
Ignited Calendar
August 2009

M T W T F S S

1 2

3 4 5 6 7 8 9

10 11 12 13 14 15 16

17 18 19 20 21 22 23

24 25 26 27 28 29 30

31

Sep »
Archives
- March 2015 (1)
- January 2014 (2)
- December 2013 (1)
- July 2013 (2)
- June 2013 (1)
- February 2013 (6)
- January 2013 (3)
- November 2012 (1)
- October 2012 (3)
- September 2012 (9)
- August 2012 (8)
- July 2012 (4)
- June 2012 (1)
- April 2012 (4)
- January 2012 (5)
- December 2011 (1)
- November 2011 (2)
- October 2011 (2)
- August 2011 (8)
- July 2011 (7)
- June 2011 (15)
- May 2011 (1)
- April 2011 (4)
- March 2011 (11)
- January 2011 (4)
- October 2010 (2)
- September 2010 (13)
- July 2010 (2)
- June 2010 (9)
- May 2010 (31)
- April 2010 (7)
- March 2010 (46)
- January 2010 (30)
- November 2009 (4)
- October 2009 (23)
- September 2009 (5)
- August 2009 (137)

Recent Posts
- WMI Corrupt: How to re-install /repair
- This source server failed to generate the changes
- 2013 in review
- ROBOCOPY in Detail
- The version store has reached its maximum size because of unresponsive transaction
Author: Ravindra Kulkarni
- Ravindra Kulkarni
Contact Info
Akshaya Nagar, Bannerghatta Road, Bangalore
On Request
Available on Weekends Only.
FB

FB
Email Subscription

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Email Address:

Join 172 other subscribers
Blogroll
- Madeira Consultancy
- Purple Carrot INC
- Server Cafe
- WordPress.com
- WordPress.org
Pages
- About Me …
- Disclaimer
Top Rated
Blog Stats
- 242,430 hits
Ignited RSS
- WMI Corrupt: How to re-install /repair
- This source server failed to generate the changes
- 2013 in review
- ROBOCOPY in Detail
- The version store has reached its maximum size because of unresponsive transaction
- Keyset does not exist (Error 0x80090016)
- Troubleshooting Group Policy application
- How does Active Directory enable Centralized Administration?
- The FSMO Role Owner Attribute
- Issues with Remote Desktop Connection
Visits
My Cafe in Goa

My Cafe in Goa
Email the Author

Ravindra.Kulkarni@IgnitedSoul.com
Internet Stats
Qcast
MCITP

Directory Traversal or Backtracking

Posted: August 25, 2009 in Networking, System Information
Tags: Networking

Directory traversal is a form of HTTP exploit in which a hacker uses the software on a Web server to access data in a directory other than the server’s root directory. If the attempt is successful, the hacker can view restricted files or even execute commands on the server. Directory traversal attacks are commonly performed using Web browsers. Any server in which input data from Web browsers is not validated is vulnerable to this type of attack.

Although some educated guesswork is involved in finding paths to restricted files on a Web server, a skilled hacker can easily carry out this type of attack on an inadequately protected server by searching through the directory tree. The risk of such attacks can be minimized by careful Web server programming, the installation of software updates and patches, filtering of input from browsers, and the use of vulnerability scanners.

Directory traversal is also known as directory climbing or backtracking.

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

Calendar
August 2009

M T W T F S S

1 2

3 4 5 6 7 8 9

10 11 12 13 14 15 16

17 18 19 20 21 22 23

24 25 26 27 28 29 30

31

Sep »
Subscribe to Blog via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Email Address:

Join 172 other subscribers

%d bloggers like this: