File Path Traversal Lab

File Path Traversal Lab (PortSwigger Lab) GitHub

Overview: In this lab, I identified and exploited a path traversal vulnerability that allowed unauthorized access to sensitive information.

Tools Used: Burp Suite

Completed: June 17, 2025

Steps Taken:

  • Intercepted and analyzed the HTTP request using Burp Suite.

  • Manipulated file paths to bypass normal directory restrictions using directory traversal (../../../etc/passwd).

  • Retrieved protected system files, demonstrating the impact of insecure file handling.

Key Takeaway:

Path traversal attacks highlight the importance of input validation and secure coding practices. Preventing them requires strictly sanitizing user input and implementing allowlists for file access.
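
A sketch of the allowlist and canonical-path check named in the takeaway, shown beside the unchecked join it replaces. This is an added example, not code from the lab or from PortSwigger; the Python setting, the function names, and the `1.jpg`/`2.jpg` allowlist are assumptions.

```python
import os
import tempfile

# Assumption: the application serves only these known image names.
ALLOWED_FILES = {"1.jpg", "2.jpg"}


def resolve_naive(base_dir, filename):
    """Vulnerable pattern: user input is joined to the base directory unchecked."""
    return os.path.normpath(os.path.join(base_dir, filename))


def is_contained(base_dir, path):
    """True if the canonical form of path lies inside base_dir."""
    base = os.path.realpath(base_dir)
    target = os.path.realpath(path)  # resolves ".." segments and symlinks
    return os.path.commonpath([base, target]) == base


def resolve_safe(base_dir, filename):
    """Return the canonical path of an allowlisted file, or None if rejected."""
    if filename not in ALLOWED_FILES:  # allowlist: exact known names only
        return None
    candidate = os.path.join(base_dir, filename)
    if not is_contained(base_dir, candidate):  # defense in depth
        return None
    return os.path.realpath(candidate)


def demo():
    """Build a constructed image directory and compare both resolvers."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "images")
        os.mkdir(base)
        with open(os.path.join(base, "1.jpg"), "wb") as fh:
            fh.write(b"constructed sample")
        for name in ("1.jpg", "../../../etc/passwd"):
            naive = resolve_naive(base, name)
            results[name] = {
                "naive_escapes_base": not is_contained(base, naive),
                "safe_result": resolve_safe(base, name) is not None,
            }
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, outcome)
```

The containment check stays in place behind the allowlist so that a later change to the allowlist, or a symlink placed inside the image directory, cannot silently reopen the issue.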
