-template-..-2f..-2f..-2f..-2froot-2f 'link'

But in your string: -template- at the front might be a placeholder for something like ?file=-template- or part of a filename expected by the server (e.g., include(-template- . ".php") ).

Even if the attacker reaches /root/ , the web server user (e.g., www-data ) should lack read permissions to /root/ and /etc/shadow . -template-..-2F..-2F..-2F..-2Froot-2F

This article is for educational and defensive purposes only. Unauthorized directory traversal attempts are illegal in most jurisdictions. But in your string: -template- at the front