Access to http server under linux

I built a http server under linux, and the permission to run it is root. But I found that someone can access files in other directories through url. I want to know how they do it? How do you enter URL?

Mar.14,2021

it depends on how the http server you use is implemented.

url uses a path similar to the file system, such as http://1.2.3.4/root/helloworld.txt or http://1.2.3.4/test/../../root/helloworld.txt

.

point the url path to your file, and set permissions


there are many possibilities, such as

  1. Server configuration error
  2. Trojan horse
  3. Server vulnerability exploited

you might as well try grabbing the bag.

MySQL Query : SELECT * FROM `codeshelper`.`v9_news` WHERE status=99 AND catid='6' ORDER BY rand() LIMIT 5
MySQL Error : Disk full (/tmp/#sql-temptable-64f5-1bfd066-14883.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
MySQL Errno : 1021
Message : Disk full (/tmp/#sql-temptable-64f5-1bfd066-14883.MAI); waiting for someone to free some space... (errno: 28 "No space left on device")
Need Help?