While auditing a web application for vulnerabilities, Donald uses Burp proxy and modifies the get requests as below:
http://www.example.com/GET/process.php./../../../../../../../../etc/password
What is Donald trying to achieve?
A . Donald is modifying process.php file to extract /etc/password file
B . Donald is trying directory traversal to extract /etc/password file
C . Donald is trying SQL injection to extract the contents of /etc/password file
D . Donald is trying to upload /etc/password file to the web server root folder
Answer: B