diff --git a/File Inclusion - Path Traversal/README.md b/File Inclusion - Path Traversal/README.md index 630d1eb..b7e4565 100644 --- a/File Inclusion - Path Traversal/README.md +++ b/File Inclusion - Path Traversal/README.md @@ -117,11 +117,11 @@ Use the script phpInfoLFI.py (also available at https://www.insomniasec.com/down ## LFI to RCE via input:// stream -TODO -file=php://input -(specify your payload in the POST parameters, - - +Specify your payload in the POST parameters +``` +http://example.com/index.php?page=php://input +POST DATA: +``` ## LFI to RCE via controlled log file Just append your PHP code into the log file and include it.