Difference between revisions of "Testing for Directory Traversal"

From OWASP
Jump to: navigation, search
(Brief Summary)
(Replacing page with 'This article is moved here: http://www.owasp.org/index.php/Testing_for_Path_Traversal')
 
(28 intermediate revisions by 7 users not shown)
Line 1: Line 1:
{{Template:OWASP Testing Guide v2}}
+
This article is moved here:
 
+
http://www.owasp.org/index.php/Testing_for_Path_Traversal
== Brief Summary ==
+
<br>
+
Nowadays, many web applications use and manage files. Using input validation methods not well designed, an aggressor could exploit the system in order to read/write files that are not intended to be accessible; in particular situations it could be possible to execute arbitrary code or system commands.
+
<br>
+
 
+
== Description of the Issue ==
+
<br>
+
...here: Short Description of the Issue: Topic and Explanation
+
<br>
+
== Black Box testing and example ==
+
'''Testing for Topic X vulnerabilities:''' <br>
+
...<br>
+
'''Result Expected:'''<br>
+
...<br><br>
+
== Gray Box testing and example ==
+
'''Testing for Topic X vulnerabilities:'''<br>
+
...<br>
+
'''Result Expected:'''<br>
+
...<br><br>
+
== References ==
+
'''Whitepapers'''<br>
+
...<br>
+
'''Tools'''<br>
+
...<br>
+
 
+
{{Category:OWASP Testing Project AoC}}
+
[[OWASP Testing Guide v2 Table of Contents]]
+
{{Template:Stub}}
+

Latest revision as of 03:30, 14 August 2008

This article is moved here: http://www.owasp.org/index.php/Testing_for_Path_Traversal