diff options
Diffstat (limited to 'fluent-bit/lib/monkey/qa/path_traversal02.htt')
| -rw-r--r-- | fluent-bit/lib/monkey/qa/path_traversal02.htt | 27 |
1 files changed, 27 insertions, 0 deletions
diff --git a/fluent-bit/lib/monkey/qa/path_traversal02.htt b/fluent-bit/lib/monkey/qa/path_traversal02.htt new file mode 100644 index 000000000..793c383a5 --- /dev/null +++ b/fluent-bit/lib/monkey/qa/path_traversal02.htt @@ -0,0 +1,27 @@ +################################################################################ +# DESCRIPTION +# Test against directory traversal (client must not be allowed to "get out" of +# DocumentRoot. +# +# AUTHOR +# Carlos Ghan <charlie.brown.uy@gmail.com> +# +# DATE +# March 08 2010 +# +# COMMENTS +# Using URL-encoded hex values +################################################################################ + + +INCLUDE __CONFIG + +CLIENT +_REQ $HOST $PORT +__GET /%2e%2e/conf/monkey.conf $HTTPVER +__Host: $HOST +__Connection: close +__ +_EXPECT . "HTTP/1.1 403 Forbidden" +_WAIT +END |