🧪 Lab Info

🔐 Vulnerability:

This lab contains a path traversal vulnerability in the display of product images.

⚠️ The application strips path traversal sequences (e.g., ../) from user-supplied input before using it.

🎯 Goal

Retrieve the contents of the file:

/etc/passwd

🪜 Steps to Solve

1. 🧠 From the lab description, we understand that the application removes path traversal patterns like ../.
2. 💡 To bypass this filter, we can use a payload obfuscation technique — by duplicating or obscuring the traversal sequence using redundant slashes.

🧪 Final Payload Idea

We craft an alternative version of the payload that avoids being stripped

../../../etc/passwd  => ....//....//....//etc/passwd

👉 This bypasses the basic ../ stripping mechanism and still resolves to the desired file path

📸 Result:

📄 You should now see the contents of the /etc/passwd file