Sign Up to our social questions and Answers Engine to ask questions, answer people’s questions, and connect with other people.
Login to our social questions & Answers Engine to ask questions answer people’s questions & connect with other people.
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
I am playing with a simple webserver in autohotkey: sparrow. It is immune to path traversal attacks. As long as I don’t run any unsanitized code from the client side, is there any other basic attack to watch out for, like the path traversal attack ?
Your question is a bit awkward. Not sanitizing user input is what causes vulnerabilities like Directory Traversal. The whole point is that your server is accepting the most malformed tainted data that a user could produce and the application is expected to make it safe.
There is something called a web application firewall which can block many different types of attacks before they reach the web application. A more secure setup than Sparrow would be Apache with Mod_Security. Mod_secuirty prevents hundreds of different types of attacks against web applications including Directory Traversal and the majority of the OWASP Top 10 . The OWASP top 10 is a great resource I highly recommend it.