How this template works
APIs Selection
The template filters requests based on two conditions. It checks if the request payload or query parameter value matches a regular expression pattern that represents a file path. If a match is found, the file path is extracted and stored as a variable called "file_path".
Execute request
The template then modifies the query parameter and body parameter named "file_path" in the request. It replaces the parameter value with a list of predefined file paths from the "wordLists" section of the template.
Validation
After the request is executed, the template validates the response payload using a regular expression pattern. It checks if the response contains a string that starts with "root:" and ends with ":0:0:". If the pattern is matched, the validation is considered successful.

That's it! The template filters requests, modifies parameters, and validates responses to test for potential Local File Inclusion vulnerabilities.
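The selection filter and the response check described above, sketched in Python as an added example (this is not Akto's template code). The path-matching regex, the function names and the sample requests are assumptions; the page does not give the template's actual patterns.

```python
import re
from urllib.parse import parse_qsl, urlsplit

# Assumed heuristic for "value looks like a file path"; the real template regex is not on the page.
PATH_LIKE = re.compile(r"^(?:\.{0,2}/)?(?:[\w.-]+/)*[\w.-]+\.\w{1,5}$")

# Response check as the page describes it: starts with "root:" and ends with ":0:0:".
# "." does not cross newlines, so both markers must sit on the same line of the body.
PASSWD_ROOT = re.compile(r"root:.*:0:0:")


def select_file_path(url, body):
    """Return (location, name, value) for the first parameter whose value
    looks like a file path, or None when the request is out of scope."""
    query = parse_qsl(urlsplit(url).query)
    for location, params in (("query", query), ("body", list(body.items()))):
        for name, value in params:
            if isinstance(value, str) and PATH_LIKE.match(value):
                return location, name, value
    return None


def response_leaks_passwd(response_body):
    """True when the body contains a root entry in passwd format."""
    return PASSWD_ROOT.search(response_body) is not None


if __name__ == "__main__":
    # Constructed sample requests (hypothetical host and parameters).
    print(select_file_path(
        "https://api.example.test/download?user=42&doc=reports/q1.pdf", {}))
    print(select_file_path(
        "https://api.example.test/render",
        {"name": "alice", "template": "/var/www/tpl/invoice.html"}))
    print(select_file_path("https://api.example.test/users?id=42", {"name": "alice"}))

    # Constructed sample responses.
    print(response_leaks_passwd("root:x:0:0:root:/root:/bin/bash\ndaemon:x:1:1::/:/sbin/nologin"))
    print(response_leaks_passwd('{"status": "ok", "owner": "root"}'))
```

Because the check looks only at response content, an endpoint that legitimately returns text in passwd format also matches, so a hit should be confirmed against the request that produced it.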