Description: Directory traversal attack or path traversal is a kind of exploitation technique in security validation where the attacker gets privileges in changing from one directory to the other. With this the attacker can have access to the restricted files on a web server. Command line injection is a method to inject the unwanted commands on the target vulnerable application.
ex: ping 192.168.20.150 || ls -l
The above command performs the ping request as well as the ls operation. That could list out files and directories existed on the targeted system.
The above attack is been performed by using the DVWA application
Tags: Directory- Traversal , Command- Injection , DVWA , Web-Application , Securitytube ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.