Python Pitfalls - os.path.join
Python's os.path.join function has a behaviour that is easy to overlook when it joins multiple components into a single path. If any component passed to the function is an absolute path, for example /etc/passwd on a Linux system, every component before it is discarded and /etc/passwd becomes the new absolute path.
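The behaviour described above, next to a containment check that rejects it, as an added example that is not part of the original page. The base directory `/var/www/uploads` and the function names are assumptions made for illustration, and the sample inputs are constructed.

```python
import posixpath  # os.path is this module on Linux/macOS; used directly so results match on any host

UPLOAD_ROOT = "/var/www/uploads"  # assumed base directory for this example


def unsafe_join(user_path):
    """Vulnerable pattern: assumes the joined path stays under UPLOAD_ROOT."""
    return posixpath.join(UPLOAD_ROOT, user_path)


def safe_join(user_path):
    """Join, normalise, then verify the result is still inside UPLOAD_ROOT."""
    candidate = posixpath.normpath(posixpath.join(UPLOAD_ROOT, user_path))
    # commonpath compares whole components, so a sibling directory such as
    # /var/www/uploads-old is not mistaken for a child of /var/www/uploads.
    if posixpath.commonpath([UPLOAD_ROOT, candidate]) != UPLOAD_ROOT:
        raise ValueError(f"path escapes {UPLOAD_ROOT}: {user_path!r}")
    # normpath is purely lexical; on a real filesystem resolve symlinks with
    # os.path.realpath on both the root and the candidate before comparing.
    return candidate


def audit(user_paths):
    """Return (input, unsafe result, safe result or 'REJECTED') for each input."""
    rows = []
    for user_path in user_paths:
        try:
            checked = safe_join(user_path)
        except ValueError:
            checked = "REJECTED"
        rows.append((user_path, unsafe_join(user_path), checked))
    return rows


if __name__ == "__main__":
    # Constructed sample inputs: a normal file name, an absolute path,
    # a sibling directory sharing the root's prefix, and a relative escape.
    samples = ["report.txt", "/etc/passwd",
               "/var/www/uploads-old/x", "../../../etc/passwd"]
    for user_path, unsafe, checked in audit(samples):
        print(f"{user_path!r:28} unsafe={unsafe!r:32} safe={checked!r}")
```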
An attacker can use the following attack technique to exploit this path traversal (CWE-22) vulnerability.


Now that you know how you can use this technique to your advantage, you can test your practical skills in the official lab below.