Hi everyone, this time I’ll share something interesting, which I found during a WEB pentest. Due to company policy, I will call the website of https://www.foo.pt. During my footprint phase I realized that the site supported several types of languages, such as:
That ‘s when I thought, how would that be? And I went to research how to do this …
I found this article from google
So, I thought, well maybe there is a file which is required when I change the language? maybe a path traversal could work here.
something like this:
and for my surprise, after some fuzzing, BOOM! i got a path traversal :). The following image illustrates the fact: