Dotdotslash - An Tool To Help You Search For Directory Traversal Vulnerabilities
An tool to help you search for Directory Traversal Vulnerabilities
Benchmarks
Platforms that I tested to validate tool efficiency:
Screenshots
Instalation
You can download the last version cloning this repository
git clone https://github.com/jcesarstef/dotdotslash/
This tool has made to work with Python3Usage
python3 dotdotslash.py --help
usage: dotdotslash.py [-h] --url URL --string STRING [--cookie COOKIE]
optional arguments:
-h, --help show this help message and exit
--url URL Url to attack.
--string STRING String in --url to attack. Ex: document.pdf
--cookie COOKIE Document cookie.
Example:python3 dotdotslash.py \
--url "http://192.168.58.101/bWAPP/directory_traversal_1.php?page=a.txt" \
--string "a.txt" \
--cookie "PHPSESSID=089b49151627773d699c277c769d67cb; security_level=3"
Dotdotslash - An Tool To Help You Search For Directory Traversal Vulnerabilities
Reviewed by Zion3R
on
10:09 AM
Rating:
![Dotdotslash - An Tool To Help You Search For Directory Traversal Vulnerabilities](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEijkY9VSFfVLOm46Wy1tuoLDFtZFwjSzfCCBF80DvlwNXqxTqrkBthxPGY65jBivwRh8AwY30UjS8gkYNK3O0eSb9GKMoj7gjcw9RU8U95gb4tZfJjbUgRoNDMSNamZltCTMj4Q8vrwzvc/s72-c/dotdotslash_1_poc1.png)