Module: Aikido::Zen::Scanners::PathTraversal

Defined in:
lib/aikido/zen/scanners/path_traversal/helpers.rb

Defined Under Namespace

Modules: Helpers

Constant Summary

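# Parent-directory traversal sequences, in forward-slash and backslash form.
# Frozen so the detection list cannot be altered at runtime.
DANGEROUS_PATH_PARTS = ["../", "..\\"].freeze

# Absolute path prefixes for top-level Linux directories. Every entry ends
# with a separator, so "/etc/" does not also match a sibling like "/etcetera".
LINUX_PATH_STARTS = [
  "/bin/",
  "/boot/",
  "/dev/",
  "/etc/",
  "/home/",
  "/init/",
  "/lib/",
  "/media/",
  "/mnt/",
  "/opt/",
  "/proc/",
  "/root/",
  "/run/",
  "/sbin/",
  "/srv/",
  "/sys/",
  "/tmp/",
  "/usr/",
  "/var/",
  # Common container/cloud directories
  "/app/",
  "/code/"
].freeze

# Absolute path prefixes for top-level macOS directories.
# NOTE(review): entries are all lowercase ("/applications/", not
# "/Applications/"), so the matcher presumably downcases the candidate path
# before comparing. Confirm in Helpers; a case-sensitive comparison would
# never match these.
MACOS_PATH_STARTS = [
  "/applications/",
  "/cores/",
  "/library/",
  "/private/",
  "/users/",
  "/system/",
  "/volumes/"
].freeze

# Windows absolute path prefixes, lowercase, with either separator.
# NOTE(review): only the C: drive is listed; confirm whether other drive
# letters and UNC paths are covered elsewhere in the scanner.
WINDOWS_PATH_STARTS = ["c:/", "c:\\"].freeze

# All OS-specific prefixes combined, in Linux, macOS, Windows order.
# Array#+ builds a new array, so it is frozen separately from its inputs.
DANGEROUS_PATH_STARTS =
  (LINUX_PATH_STARTS + MACOS_PATH_STARTS + WINDOWS_PATH_STARTS).freeze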