{"id":15693414,"url":"https://github.com/sjord/protravel","last_synced_at":"2025-05-08T03:52:22.256Z","repository":{"id":66957325,"uuid":"143747237","full_name":"Sjord/protravel","owner":"Sjord","description":"Recursively exploit path traversal vulnerability","archived":false,"fork":false,"pushed_at":"2022-06-13T14:00:11.000Z","size":13,"stargazers_count":7,"open_issues_count":0,"forks_count":5,"subscribers_count":4,"default_branch":"master","last_synced_at":"2025-05-08T03:52:17.458Z","etag":null,"topics":["exploit","python3"],"latest_commit_sha":null,"homepage":"https://www.sjoerdlangkemper.nl/2018/08/15/automating-path-traversal-with-protravel/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Sjord.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-08-06T15:22:26.000Z","updated_at":"2023-01-10T03:19:28.000Z","dependencies_parsed_at":"2023-02-28T02:45:43.202Z","dependency_job_id":null,"html_url":"https://github.com/Sjord/protravel","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sjord%2Fprotravel","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sjord%2Fprotravel/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sjord%2Fprotravel/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Sjord%2Fprotravel/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Sjord","download_url":"https://codeload.github.com/Sjord/protravel/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252996229,"owners_count":21837618,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["exploit","python3"],"created_at":"2024-10-03T18:43:27.334Z","updated_at":"2025-05-08T03:52:22.238Z","avatar_url":"https://github.com/Sjord.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"## Protravel\n\n### Path traversal\n\nDirectory traversal or path traversal makes it possible to access any file on the webserver. For example, consider the following URL vulnerable:\n\n    http://example.com/getfile.php?filename=export2018.csv\n\nThen the following URL may return /etc/passwd from the server:\n\n    http://example.com/getfile.php?filename=../../../../../../etc/passwd\n\nWe use `../` to go a directory up and download a file outside of the directory that getfile.php normally reads the exports from.\n\nWith path traversal it is generally possible to download any file by name, but not possible to get any directory listings. This means that we have to guess filenames if we want to download them. That is the task that protravel performs.\n\n### Finding filenames\n\nProtravel contains a list of interesting files to download. Some of these files, especially log files, contain paths of other files. Protravel will download these, and in this way try to spider the filesystem.\n\nIt can also parse /etc/passwd to read the home directories from it, and search for .ssh and .bashrc files in home directories.\n\n### Usage\n\nCall protravel with a URL as argument. The path to download will be appended to the URL.\n\n    protravel.py http://example.com/getfile.php?filename=../../../../..\n\nAll found files are written to a directory, `out` by default.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsjord%2Fprotravel","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsjord%2Fprotravel","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsjord%2Fprotravel/lists"}