Password-Related Systems Insecurity: Fallen Dreams

In a Web application that passes GET parameters straight to the filesystem, the Linux system password file can be read in a few steps

There are many techniques

“Path Traversal” (also known as “Directory Traversal”) is a type of attack that exploits a vulnerability in an insufficiently protected application to gain access to paths in the filesystem, such as folders on the disk, that should not be accessible to an unauthorized user. For example, suppose we have an Apache Web server tree and we are in the root directory of the Web server itself, in our example /var/www/html.

In any Web application that uses GET it is possible, in a few steps, to get to the Linux system password file: entering the directory /var/www/html after starting the apache2 service, renaming the existing index.html and replacing it with a malicious index.html (one that introduces the path where the password file resides, for example), the passwords would be displayed without the user noticing.

This is one of the many techniques that can be used to find information related to the user’s identity.
Once the user has been identified and it is possible to log in on their behalf, it is only necessary to add some code, for example in PHP, which can be saved in any directory and called from a Web page.
The malicious code could study the system, accumulate information about access to other paths where further information resides and, in a short period, all the user’s information could be compromised in complete silence.


But how can we protect ourselves? How can path traversal attacks be prevented?

You can avoid these attacks by not passing any input data to the filesystem API. The application then validates user input in a completely different way, using a method in which entry is not based on a username and password but only on biometric authentication.
My-ID (https://youtu.be/idr2iRFEkA0) could be a response to this type of attack.

This system provides Multi-Factor Biometric Recognition (an SSO) in which no password, PIN or token (https://bit.ly/My-ID_passwordless) is required: access to the system requires the recognition of multiple biometric factors (https://bit.ly/My-IDCheckIdentity). My-ID is therefore an innovative method for accessing systems that does not require typing any information (https://bit.ly/My-ID_Biometric_Login), a platform applicable to IT systems to avoid identity theft.
