I want to verify that my web application does not have a path traversal vulnerability.
I'm trying to use curl
for that, like this:
$ curl -v http://www.example.com/directory/../
I would like the HTTP request to be explicitly made to the /directory/../
URL, to test that a specific nginx rule involving proxy is not vulnerable to path traversal. I.e., I would like this HTTP request to be sent:
> GET /directory/../ HTTP/1.1
But curl
is rewriting the request as to the /
URL, as can be seen in the output:
* Rebuilt URL to: http://www.example.com/
(...)
> GET / HTTP/1.1
Is it possible to use curl
for this test, forcing it to pass the exact URL in the request? If not, what would be an appropriate way?