webProeasy

Lab 209 — BuildForge — Path Traversal in Static File Serving

hackadvisor

Task: CI/CD dashboard with custom static file serving at /static/{filepath}. Solution: path traversal via ../data/.env bypasses prefix check due to string concatenation without normalization.

$ ls tags/ techniques/
lfipath_traversalstatic_filesnodejsnginxexpressprefix_check_bypass
string_concatenation_bypasspath_traversal_prefix_bypasscurl_path_as_is
🔒

Permission denied (requires tier.pro)

Sign in to access full writeups

Sign in with GitHub to continue. No email required.

$sign in

$ grep --similar

Similar writeups