Okay, This is my first article, So here I go.
Table of contents:
1 What is Directory Transversal
2 Finding disallowed pages
3 Using Directory Transvereal to access said pages
1 What is Directory Transversal
Directory Transversal allows you to change what directory you are located in by typing in the URL bar. This allows you to access pages you normally can't on an insecure webpage.
2 Finding disallowed pages
This is quite simple. Go to the main page and type in:CODE:
Http://www.[hostname].ext/robots.txt
In this textfile, you will see something that looks like this: CODE:
User-agent: *
Allow: /searchhistory/
Disallow: /news?output=xhtml&
Allow: /news?output=xhtml
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Disallow: /nwshp
Disallow: /?
Disallow: /addurl/image?
Disallow: /pagead/
Disallow: /relpage/
Disallow: /relcontent
Disallow: /sorry/
Disallow: /imgres
Disallow: /keyword/
Disallow: /u/
Also, theUser-agent: *
Allow: /searchhistory/
Disallow: /news?output=xhtml&
Allow: /news?output=xhtml
Disallow: /search
Disallow: /groups
Disallow: /images
Disallow: /catalogs
Disallow: /catalogues
Disallow: /news
Disallow: /nwshp
Disallow: /?
Disallow: /addurl/image?
Disallow: /pagead/
Disallow: /relpage/
Disallow: /relcontent
Disallow: /sorry/
Disallow: /imgres
Disallow: /keyword/
Disallow: /u/
User-Agent can be something else then* this means all. This can be a type of webbrowser. That would block the user agent.
3 Accessing the pages
now to access the page here is the first step
Getting denied:
Type a directory that comes after CODE:
Disallow:
Chances are, you will get denied.
To get access you could see if you can mod your cookie, but that's not what I'm talking about.
Now type in the same directory as before, but add /Abunchofrandomletters&symbols
It should look like this: CODE:
[host]/disalloweddirectory/abucnhofrandomletters&symbols
This will give you an error saying not found. Good.
Now for the Directory Transversal part: CODE:
[host]/disalloweddirectory/abucnhofrandomletters&symbols/../
You should have noticed the /../ That is the Directory Transversal part.
What this does is send you back one dorectory, and if the website is insecure, then you can get access to the Disallowed area.
This doesn't work with just about every popular site, but works with privately owned sites written by n00bs that think they are elite.
Oh Yeah.
