WEB SECURITY
1:-> SERVER-SIDE VULNERABILITIES
In this path we use the online labs for Burp Suite. To start, open https://portswigger.net/web-security/. You must also have Burp Suite installed on your machine.
Download Burp Suite ---> https://portswigger.net/burp/communitydownload
> Once you have created an account and logged in to PortSwigger, open the Academy tab and choose *Server-Side Vulnerabilities*. Then start with:
*I: PATH TRAVERSAL (DIRECTORY TRAVERSAL)*
- This vulnerability enables an attacker to read arbitrary files on the server that is running an application. This includes:
* Application code and data
* Credentials for back-end systems
* Sensitive operating system files
In some cases, an attacker might be able to write to arbitrary files on the server, allowing them to modify application data or behavior, and ultimately take full control of the server.
*Reading arbitrary files via path traversal*
Imagine a shopping application that displays images of items for sale. This might load an image using the following HTML:

The loadImage URL takes a filename parameter and returns the contents of the specified file. The image files are stored on disk in the location /var/www/images/. To return an image, the application appends the requested filename to this base directory and uses a filesystem API to read the contents of the file. In other words, the application reads from the following file path:

This means an attacker can use this path to reach secret files on the system or file system, and can obtain the credentials of the users in the system, which are located in /etc/passwd. The attacker can request the URL in the first image to retrieve /etc/passwd from the server's filesystem.

insecure-website.com is only an example URL; put your own host in its place. Names such as google.com or pwntilldawn.com are likewise just examples.
This causes the application to read from the following file path:

The sequence ../ is valid within a file path, and means to step up one level in the directory structure. The three consecutive ../ sequences step up from /var/www/images/ to the filesystem root, and so the file that is actually read is:
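The path handling described above, as an added example that is not part of the original lab material: it shows where the appended filename ends up after the ../ sequences are collapsed, next to a hardened lookup that canonicalises the path and rejects anything outside /var/www/images/. The function names and the sample filename gym-suit.png are assumptions made for this illustration.

```python
import os
import posixpath

BASE_DIR = "/var/www/images/"  # base directory named in the text


def naive_path(filename):
    """Vulnerable pattern from the text: append the filename to the base directory."""
    return BASE_DIR + filename


def effective_path(filename):
    """Lexically collapse ../ segments to show which file the OS would open."""
    return posixpath.normpath(naive_path(filename))


def safe_image_path(filename, base_dir=BASE_DIR):
    """Hardened form: canonicalise, then require the result to stay under base_dir.

    Returns the canonical path, or None when the request leaves the base directory.
    """
    if "\x00" in filename:
        return None  # reject NUL bytes before touching any filesystem API
    base = os.path.realpath(base_dir)
    # realpath also resolves symlinks; join drops base when filename is absolute,
    # so an absolute filename is caught by the containment check below
    candidate = os.path.realpath(os.path.join(base, filename))
    # commonpath compares whole path components, so /var/www/images_backup
    # does not pass as a "prefix" of /var/www/images
    if candidate == base or os.path.commonpath([base, candidate]) != base:
        return None
    return candidate


if __name__ == "__main__":
    # Constructed sample requests (gym-suit.png is a made-up filename)
    for name in ["gym-suit.png", "../../../etc/passwd", "../images_backup/x.png"]:
        print(f"{name!r:28} naive -> {effective_path(name):30} "
              f"safe -> {safe_image_path(name)}")
```

The check runs on the canonical path, after normalisation, which is why encoded or nested variants of ../ do not need their own filter once the application has decoded the parameter.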

Lab: File path traversal, simple case
> This lab contains a path traversal vulnerability in the display of product images.
> To solve the lab, retrieve the contents of the /etc/passwd file.
Once you have logged in and started the learning path, click Access Lab.

After clicking ACCESS THE LAB:

Make sure you have configured Firefox and Burp Suite to intercept packets from the website. If you haven't, read the previous session on how to configure Burp Suite and Firefox.
> Then open Burp Suite and turn Intercept on.
> 
> Choose any product on the website, for example click the Gym Suit image. Burp Suite will open automatically. The request in the first image is a GET for the product ID; click Forward.
> 
The request in this image is a GET for the image filename; click Forward again.

After forwarding the response, open HTTP history at the top and choose the request that reads the image filename. The filename shown in the history depends on the image you opened.
Once you click that entry in the history, it appears in the Request pane on the left-hand side. Right-click inside the request and choose Send to Repeater.

> After sending it to Repeater, open the Repeater tab and you will see that request.

> Change the filename value to ../../../../etc/passwd

> After changing the filename, click Send.

The response will then look like this, which means you have successfully solved the lab.

Turn off Intercept in Burp Suite and click the Home button on the website; you will see the message.

Thanks!