W-PATH-TRAVERSALLateral Movement

Path Traversal

Read arbitrary files via traversal in a file-serving endpoint (downloads, image proxies, PDF generators).

§ Where this technique fits

W-PATH-TRAVERSAL is catalogued under the Lateral Movement tactic of the offensive-security kill-chain. It appears in 1 approved dossier in the registry, typically at step 2 on average.

§ Dossiers chaining this technique

LFI → log poisoning → RCE
Local file inclusion that reads the web server's access log. Send a request whose User-Agent contains PHP, then LFI the log file to execute it.
step 2 / 6

§ What commonly comes next

01
Log Poisoning + LFI
W-LOG-POISONING · Execution
seen 1×

§ Where this technique fits

§ Dossiers chaining this technique

LFI → log poisoning → RCE

§ What commonly comes next