
Path Traversal Protection

Protection Module: PathTraversal

Prevents path traversal attacks that attempt to access files outside the intended directory.

Available for:

  • ASP.NET Core
  • ASP.NET Framework
  • Azure Functions

How It Works

Path Traversal Protection validates file paths to prevent unauthorized directory access.

Detection Methods:

  • Directory Traversal Patterns - Identifies ../, ..\, and encoded variants
  • Absolute Path Detection - Detects attempts to use absolute paths
  • UNC Path Detection - Identifies network path access attempts
  • Null Byte Injection - Detects null byte truncation attacks
  • URL Encoding Bypass - Identifies encoded traversal attempts
  • Unicode Normalization - Detects Unicode-based bypasses

Attack Types Detected:

  • Classic directory traversal (../../../etc/passwd)
  • Windows path traversal (..\..\..\windows\system32)
  • Double encoding (%252e%252e%252f)
  • URL encoding (..%2F..%2F)
  • Unicode variants (%c0%ae%c0%ae/)

Configuration

JSON
{
  "protections": {
    "PathTraversal": {
      "enabled": true,
      "action": "block"
    }
  }
}

ASP.NET Core

C#
builder.Services.AddBytehideMonitor(monitor => monitor
    .WithProtection(ProtectionModuleType.PathTraversal, ActionType.Block)
);

Attack Examples

Classic Traversal

HTTP
GET /files?path=../../../etc/passwd
Status: BLOCKED

Windows Traversal

HTTP
GET /download?file=..\..\..\windows\system32\config\sam
Status: BLOCKED

URL Encoded

HTTP
GET /files?path=..%2f..%2f..%2fetc%2fpasswd
Status: BLOCKED

Null Byte Injection

HTTP
GET /files?path=../../../etc/passwd%00.jpg
Status: BLOCKED
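
The request values above, run through an application-side containment check that can sit behind the protection module as a second layer. This is an added example, not the product's own code or detection logic; `SafePath`, `TryResolve` and the temp-directory root are hypothetical names, and the inputs are the raw query values shown on this page plus one constructed benign value.

```csharp
using System;
using System.IO;

public static class SafePath
{
    // Added example, not the product's code. Returns true only when userInput
    // resolves to a location strictly inside baseDir.
    public static bool TryResolve(string baseDir, string userInput, out string fullPath)
    {
        fullPath = null;
        // Unwrap URL encoding until stable so double encoding is validated in
        // decoded form; input still changing after three rounds is rejected.
        string decoded = userInput ?? string.Empty;
        for (int round = 0; ; round++)
        {
            string next = Uri.UnescapeDataString(decoded);
            if (next == decoded) break;
            if (round == 3) return false;
            decoded = next;
        }
        // Empty names and null bytes (truncation attempts) are never valid.
        if (decoded.Length == 0 || decoded.IndexOf('\0') >= 0) return false;
        // Treat both separators alike on every OS, then refuse absolute and UNC paths.
        string candidate = decoded.Replace('\\', '/');
        if (Path.IsPathRooted(candidate)) return false;
        // Canonicalize and require the result to stay under the base directory.
        string root = Path.GetFullPath(baseDir).TrimEnd(Path.DirectorySeparatorChar)
                      + Path.DirectorySeparatorChar;
        string full = Path.GetFullPath(Path.Combine(root, candidate));
        if (!full.StartsWith(root, StringComparison.Ordinal)) return false;
        fullPath = full;
        return true;
    }

    public static void Main()
    {
        string baseDir = Path.Combine(Path.GetTempPath(), "uploads"); // hypothetical root
        string[] inputs =
        {
            "reports/q1.pdf",                          // constructed benign value
            "../../../etc/passwd",
            @"..\..\..\windows\system32\config\sam",
            "..%2f..%2f..%2fetc%2fpasswd",
            "../../../etc/passwd%00.jpg",
            "%252e%252e%252f",
        };
        foreach (string input in inputs)
            Console.WriteLine("{0,-45} {1}", input,
                TryResolve(baseDir, input, out _) ? "ALLOWED" : "REJECTED");
    }
}
```

`Path.GetFullPath` does not resolve symbolic links, so a link inside the base directory that points elsewhere still passes this check and has to be handled separately.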

Platform Compatibility

Platform    Support
ASP.NET Core
ASP.NET Framework
Azure Functions
