71
Example:
Anti-IDS Attack
URL Forceful Browsing
attempts on “samples/admin”
Variations on a
theme:
–Absolute
Pathing: “samples/admin”
–Delimiter
Padding: “samples///admin”
–Relative
Pathing: “samples/./admin“
–URL
Encoding: "%2fsamples/admin“
–Path
Traversal: “samples/fakedir/../admin“
–DOS
Syntax: “samples\admin”
–tripe
dots “samples/fakedir/.../admin”
–Null
Method: "GET%00/samples/admin“