AKIT
    English Eesti

    directory traversal

    kataloogihüpe

    olemus
    veebi- jt serverites on avalikud failid tihti privaatsetest või süsteemifailidest eraldatud ainult sellega, et neid hoitakse eraldi kataloogis; ründaja võib sobivalt adresseeritud päringuga üritada hüpata kõrgema taseme kataloogi ja selle kaudu jõuda mitteavalike kataloogide ja failideni

    täpsemalt
    https://www.acunetix.com/websitesecurity/directory-traversal/

    https://www.owasp.org/index.php/Path_Traversal

    https://www.youtube.com/watch?v=jJ0ijQ5pADE

    https://www.hackthis.co.uk/articles/practical-applications-of-directory-traversals

    https://hydrasky.com/network-security/directory-traversal-attacks/

    https://www.htbridge.com/vulnerability/path-traversal.html

    https://cwe.mitre.org/data/definitions/35.html

    tõrje
    https://image.slidesharecdn.com/yhj4fbjdqvsya0ocz383-signature-6fe2027c8f65735dd8da829282c0c957891ef6196788b5914b2e7cd19aab61a4-poli-151113151737-lva1-app6891/95/hack-fix-hands-on-coldfusion-security-training-26-638.jpg

    http://www.dummies.com/programming/networking/how-to-detect-and-prevent-directory-traversal-hacks/

    http://www.geeksforgeeks.org/path-traversal-attack-prevention/

    http://www.techpaste.com/2015/02/stop-file-path-traversal-attack-apache/

    https://www.whitehatsec.com/blog/path-traversal-attack-solutions/