- Directory traversal is an HTTP exploit where an attacker can access restricted files and directories stored on the web server by bypassing the validation process
- Attackers can manipulate variables that hold absolute or relative path names containing file links, or use "../" sequences with file names, to access files and directories
Insecure Code
- The code snippet takes the file path from a command-line argument and uses the File.getAbsolutePath() method to find the absolute path

Secure Code
- The getCanonicalPath() method is used to resolve any aliases, symbolic links and shortcuts
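
The two checks described above, side by side, as an added example that is not code from the original page. The class name PathCheck, the method names and the temporary directory layout are assumptions made for illustration; file paths given on the command line are checked instead of the built-in samples.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;

public class PathCheck {
    // Insecure: getAbsolutePath() only makes the path absolute.
    // "../" segments stay in the string, so the prefix test still passes.
    static boolean insecureIsAllowed(File base, String userPath) {
        File f = new File(base, userPath);
        return f.getAbsolutePath().startsWith(base.getAbsolutePath());
    }

    // Secure: getCanonicalPath() resolves "../", "." and symbolic links first.
    // Path.startsWith compares whole path components, not characters, so a
    // sibling directory with a similar name prefix is not accepted.
    static boolean secureIsAllowed(File base, String userPath) throws IOException {
        Path root = Path.of(base.getCanonicalPath());
        Path target = Path.of(new File(base, userPath).getCanonicalPath());
        return target.startsWith(root);
    }

    public static void main(String[] args) throws IOException {
        // Constructed sandbox: <tmp>/webroot-XXXX/public is the allowed base,
        // secret.txt sits one level above it.
        Path top = Files.createTempDirectory("webroot-");
        File base = Files.createDirectory(top.resolve("public")).toFile();
        Files.writeString(base.toPath().resolve("index.html"), "ok");
        Files.writeString(top.resolve("secret.txt"), "restricted");

        // Constructed sample inputs, used when no arguments are given.
        String[] inputs = args.length > 0 ? args
                : new String[] { "index.html", "../secret.txt", "./sub/../index.html" };
        for (String in : inputs) {
            System.out.printf("%-22s insecure=%-5b secure=%b%n",
                    in, insecureIsAllowed(base, in), secureIsAllowed(base, in));
        }
    }
}
```

The canonical path must be compared against the canonical form of the allowed base directory; canonicalizing the input alone does not restrict where it points.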

Directory Traversal Countermeasures
- Use strong filter mechanisms for user data
- Use filters for form input such as GET and POST parameters
- Update server software at regular intervals
- Define access rights to the protected areas of the website
- Apply checks/hot fixes to prevent exploitation