🎃 Spooky SSC CTF 🎃

📁 Directory Traversal

Sometimes web servers are misconfigured and allow directory listing. This can expose sensitive files and directories!

Your Mission: Find a directory that reveals hidden files!

This is dangerous because it can expose:

Configuration files
Backup files
Source code
Database dumps
Flag files

💡 Challenge Overview

Goal: Find a directory that reveals hidden files.

Difficulty: Beginner - Directory enumeration basics!

Time to complete: 2-5 minutes

Key Learning: Some servers allow directory browsing!

📁 Directory Traversal Challenge

Web servers sometimes allow you to browse directories like folders on your computer. This can reveal sensitive files!

🛠️ How to Solve This Challenge:

Try common directory paths:
- /admin/
- /backup/
- /secret/
- /uploads/
Look for directory listing - Some servers show all files in a directory
Check for interesting files - flag.txt, secret.txt, etc.

🔍 What You're Learning:

Directory Enumeration - Finding hidden directories
Information Disclosure - When servers reveal too much
Web Server Configuration - How servers handle directory access

🔍 Common directories to check:

/admin/
/backup/
/config/
/secret/
/private/
/uploads/
/files/
/data/

Challenge: Find a directory with listing enabled and locate the flag file!

🏁 Submit Your Flag

🏠 Back to Main Page