By | May 2, 2020
freelearningtech

Is article mai hum apko Directory Path Traversal ke bare mai bata rahe hai. Jaise What is Directory Path Traversal attack, How to do Directory Path Traversal attack.

Humne apko Website Hacking ke article mai pahle bhi Website ki kuch vulnerabilities ke bare mai btaya hai. Aise hi ek Directory Path Traversal bhi hoti hai.

Aapko Website pentesting ke liye jitni bhi vulnerabilities hai sabhi ke bare mai pata hona jaruri hota hai. Jaise Directory Path Traversal , SQL Injection, CSRF , OS Command Injection, XSS attack etc

Jadatar apko sabhi tarah ki vulnerabilities ke bare mai nahi btaya jata hai. Lekin jab aap BugBounty karte hai tab koi bhi vulnerability apko mil sakti hai.

Yeh sab apko Educational purpose ke liye btaya ja raha hai. Aap iska miss use kabhi bhi mat karen. Kisi bhi Website par kisi tarah ka attack without permission karna illegal hota hai.

Note- This article is only for educational purpose. Don’t miss use your Knowledge and skills.

What is Directory Path Traversal ?

Jaise ki naam se hi pata chalta hai Directory Path Traversal yeh ek aisi vulnerability hai jiska use karke Hackers kisi website ki files ko dump kar sakte hai.

Jaise ki hum jante hai sabhi Website ka ek url address hota hai. Directory Path Traversal attack url address ke through hi work karta hai. Chaliye ise example ke through samjhte hai.

Jaise sabhi Website mai database hota hai or database mai sabhi files store rehti hai. Aise mai username passwords or bhi bahut tarah ki files ko user nahi dekh sakte hai.

Agar Directory Path Traversal ki vulnerability kisi website mai hoti hai to aise mai koi bhi path ke through hidden files ko dekh sakte hai. Aise mai kuch aisi information bhi hoti hai jinka miss use bhi kiya ja sakta hai.

Yeh apko Practically bhi btaya ja raha hai. Kis tarah se database ki files ko dekha ja sakta hai. Yaha hum apko Directory Path Traversal attack Bwapp mai karke bata rahe hai.

Aap iska practical jab karte hai tab aap khud hi samjh jate hai Directory Path Traversal attack kaise kisi website mai work karta hai. Isliye aap iska practical jarur karen.

Apko Theory pahle isliye btayi jati hai taki practical apko easily samjhya ja sake. Agar apko Ethical Hacker bana hai to apko Theory jarur pata honi chahiye.

How to do Directory Path Traversal attack ?

Bwapp ko install karne ke bare mai apko pahle hi bata diya gaya hai. Sabse pahle aap Bwapp ko install karle uske baad aap Bwapp ke portal mai Directory Path Traversal ko select karle. Kuch is tarah.

Yaha hum apko Directories or files dono ke bare mai practically bata rahe hai. Jaise ki hum jante hai Directories or files kya hoti hai.

Path Traversal

Aap dekh sakte hai url mai admin likhne par database ke admin folder ki sabhi files show ho rahi hai. Is tarah se Database ki sabhi directories ko dekha ja sakta hai.

Yaha bhi aap url mai dekh sakte hai. Bwapp ki sabhi files ko show kiya gaya hai. Aap dekh sakte hai yeh sab url address ke through hi kiya ja raha hai. Aise hi aap ise bhi age ke folder mai ja sakte hai. Kuch is tarah.

Path Traversal

Yaha aap samjh pa rahe honge kuch is tarah (../../) se folder ke bahr jakar dusri files ko bhi url ke through hi dekha ja sakta hai. Yaha aap kisi bhi file par jab click karte hai veh file open ho jayegi.

Directory Traversal – Files

Jis tarah se Directory Path Traversal – Directories hota hai aise hi files hoti hai. Directory Path Traversal – Files mai aap files ko nikal sakte hai. Database mai jitni bhi files hai sabhi ko dekh sakte hai.

Jaise ki hum sab jante hai kisi bhi website mai files jadatar same name se hi save rehti hai. Jaise admin.php, Password.php, users aise hi url ke through in files ko bhi dekha ja sakta hai.

Path Traversal

Aap url mai dekh sakte hai login.php file ko show karvaya gaya hai. Aise hi aap database ki kisi bhi file ko dekh sakte hai. Yeh sab url ke through hi kiya jata hai.

Aise hi aap index.php , aim.php , portal.php jitni bhi files database mai hoti hai sabhi ko dekh sakte hai. Yeh attack tabhi work karta hai jab kisi website mai Directory Path Traversal ki vulnerability hoti hai.

Path Traversal

Agar kisi tarah ki file database mai exist nahi karti hai to apko aise error show ho jayegi. Aise hi agar kisi tarah ki Directory database mai nahi hoti hai to error show ho jati hai.

Directory Path Traversal vulnerability agar kisi website mai hoti hai to hackers kisi bhi file ko open kar sakte hai. Aap khud dekh sakte hai url ke through hi kis tarah se Website ke database ko dekha ja sakta hai.

Yeh sab apko educational purpose ke liye btaya gaya hai. Aap iska miss use kabhi mat karen. Hackers is vulnerability ki help se website ke database ki information nikalte hai.

The Conclusion

Main umeed karta hu ki apko Directory Path Traversal ke bare mai pata chal gaya hoga. Yeh kya hai kaise hota hai. Humne apko pahle bhi Website Hacking par bahut sare articles diye hai.

Aap unhe bhi padh sakte hai. Jaise Buffer Overflow, Admin panel crack karna, DOS attack or bhi bahut kuch aap unhe bhi padh sakte hai. Yeh sabhi website hacking related hi articles hai.

Yaha Website mai milne vali vulnerabilities bahut tarah ki hoti hai. Age apko sabhi ke bare mai bata diya jayga. Jaise PHP Code Injection, Ldap Injection, Iframe Injection or bhi bahut kuch.

Yeh sab apko educational purpose ke liye btaya ja raha hai. Aap kabhi inka miss use mat karen. Yeh sab apki Knowledge ko bdhane ke liye btaya gaya hai.

Hum apko yaha ek baat Clear kar rahe hai. Facebook Hacking ya whatsapp Hacking mai hi sab kuch nahi hota hai. Agar aap Ethical Hacking ki field mai deeply ate hai tab aap ise samjh sakte hai.

Yeh sab apko Youtube par nahi btaya ja sakta hai. Mai pahle videos hi bnata tha lekin strike ati thi bar bar isliye website par sab kuch bata raha hu. I hope aap support karenge.

Agar apka kisi bhi tarah ka koi question hai aap comment mai puch sakte hai. Sath hi aap contact karke bhi puch sakte hai. Agar apko yeh article acha lage to ise share jarur karen.

Sharing is Caring

Thankyou

Leave a Reply

Your email address will not be published. Required fields are marked *