Friday, February 12, 2010

Directory Traversal Fun

I came across a few interesting posts today on this topic today and I thought I would share. The first one I landed on was an interesting read about a poorly secured malicious server from Russ McRee at

Next, I ended up on the OWASP page on testing for these kinds of vulnerabilities:

Then finally, a nice NMAP script for the VMware directory traversal vulnerability (CVE-2009-3733) recently discussed at Shmoocon:

good times.