312-50V9 · Question #553
Study the following log extract and identify the attack.
The correct answer is D. Unicode Directory Traversal Attack. The log extract shows Unicode-encoded directory traversal sequences used to bypass security filters that block standard '../' path sequences.
Question
Study the following log extract and identify the attack.
Exhibit
Options
- AHexcode Attack
- BCross Site Scripting
- CMultiple Domain Traversal Attack
- DUnicode Directory Traversal Attack
How the community answered
(23 responses)- A9% (2)
- B4% (1)
- C4% (1)
- D83% (19)
Why each option
The log extract shows Unicode-encoded directory traversal sequences used to bypass security filters that block standard '../' path sequences.
A Hexcode Attack uses standard percent-encoded hex values (like %2e%2e%2f) for directory traversal, not Unicode multi-byte encoding sequences.
Cross Site Scripting (XSS) involves injecting malicious client-side scripts into web pages viewed by other users, not path manipulation via encoded directory sequences.
Multiple Domain Traversal Attack is not a recognized standard attack category; the specific technique shown involves Unicode encoding to traverse server directories.
A Unicode Directory Traversal Attack uses Unicode or multi-byte UTF-8 encoded representations of the '../' sequence (such as %c0%af or %c1%9c) to evade input validation filters that only check for literal dot-dot-slash patterns. Web servers that decode Unicode after performing security checks are vulnerable to this technique, allowing attackers to traverse outside the web root and access restricted files on the server.
Concept tested: Unicode encoding bypass for directory traversal
Source: https://owasp.org/www-community/attacks/Path_Traversal
Topics
Community Discussion
No community discussion yet for this question.
