Nginx (engine x) is a high-performance HTTP and reverse proxy server, as well as an IMAP/POP3/SMTP server. Nginx is often used as a reverse proxy, the dynamic part is passed to the backend port by proxy_pass, and static files need to be processed by Nginx.
If the static files are stored in the /home/ directory, and the directory is named files in the url, then you need to use alias to set the alias of the directory:
< div> 
At this point, visit http ://example.com/files/readme.txt, you can get the /home/readme.txt file.
But we noticed that there is no suffix / in /files on the url, and the /home/ set by alias has the suffix /, This / causes us to travel from the /home/ directory to his upper directory.
Then we got an arbitrary file download vulnerability.
If the static file is stored in the /home/ directory, and the directory is named files in the url, then you need to use alias to set the alias of the directory:
< /p>
this When you visit http://example.com/files/readme.txt, you can get the /home/readme.txt file.
But we noticed that there is no suffix / in /files on the url, and the /home/ set by alias has the suffix /, This / causes us to travel from the /home/ directory to his upper directory.
We then obtained an arbitrary file download vulnerability.
