mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-15 01:17:36 +00:00
Update tomcat.md
Fix Typo
This commit is contained in:
parent
16e49f264c
commit
706df6610c
1 changed files with 2 additions and 2 deletions
|
@ -85,9 +85,9 @@ The following example scripts that come with Apache Tomcat v4.x - v7.x and can b
|
|||
|
||||
### Path Traversal (..;/)
|
||||
|
||||
In some **[vulnerable configurations of Tomcat](https://www.acunetix.com/vulnerabilities/web/tomcat-path-traversal-via-reverse-proxy-mapping/)** you can access to protected directories in Tomcat using the path: `/..;/`
|
||||
In some **[vulnerable configurations of Tomcat](https://www.acunetix.com/vulnerabilities/web/tomcat-path-traversal-via-reverse-proxy-mapping/)** you can gain access to protected directories in Tomcat using the path: `/..;/`
|
||||
|
||||
So, for example, you might be able to **access the Tomcat manager** page accessing: `www.vulnerable.com/lalala/..;/manager/html`
|
||||
So, for example, you might be able to **access the Tomcat manager** page by accessing: `www.vulnerable.com/lalala/..;/manager/html`
|
||||
|
||||
**Another way** to bypass protected paths using this trick is to access `http://www.vulnerable.com/;param=value/manager/html`
|
||||
|
||||
|
|
Loading…
Reference in a new issue