diff --git a/File Inclusion - Path Traversal/Intruders/BSD-files.txt b/File Inclusion - Path Traversal/Intruders/BSD-files.txt new file mode 100644 index 0000000..3f99f25 --- /dev/null +++ b/File Inclusion - Path Traversal/Intruders/BSD-files.txt @@ -0,0 +1,13 @@ +/usr/pkg/etc/httpd/httpd.conf +/usr/local/etc/apache22/httpd.conf +/usr/local/etc/apache2/httpd.conf +/var/www/conf/httpd.conf +/var/www/logs/error_log +/var/www/logs/access_log +/etc/apache2/httpd2.conf +/var/apache2/logs/error_log +/var/apache2/logs/access_log +/var/log/httpd-error.log +/var/log/httpd-access.log +/var/log/httpd/error_log +/var/log/httpd/access_log \ No newline at end of file diff --git a/File Inclusion - Path Traversal/Intruders/LFI-LogFileCheck.txt b/File Inclusion - Path Traversal/Intruders/LFI-LogFileCheck.txt deleted file mode 100644 index 0901c2b..0000000 --- a/File Inclusion - Path Traversal/Intruders/LFI-LogFileCheck.txt +++ /dev/null @@ -1,49 +0,0 @@ -/etc/passwd -/apache/logs/access.log -/apache/logs/error.log -/apache2/logs/error.log -/apache2/logs/access.log -/etc/httpd/logs/access.log -/etc/httpd/logs/access_log -/etc/httpd/logs/error_log -/etc/httpd/logs/error.log -/logs/error.log -/logs/access.log -/logs/error_log -/logs/access_log -/usr/local/apache/logs/access_log -/usr/local/apache/logs/access.log -/usr/local/apache/logs/error_log -/usr/local/apache/logs/error.log -/usr/local/apache2/logs/access_log -/usr/local/apache2/logs/access.log -/usr/local/apache2/logs/error_log -/usr/local/apache2/logs/error.log -/var/log/access_log -/var/log/access.log -/var/log/error_log -/var/log/error.log -/var/log/apache/access_log -/var/log/apache/error.log -/var/log/apache2/access_log -/var/log/apache2/error.log -/var/log/httpd/access_log -/var/log/httpd/error_log -/var/log/httpd/access_log -/var/log/httpd/error_log -/var/www/logs/error_log -/var/www/logs/error.log -/var/www/logs/access_log -/var/www/logs/access.log -/var/www/mgr/logs/error_log -/var/www/mgr/logs/error.log -/var/www/mgr/logs/access_log -/var/www/mgr/logs/access.log -/opt/lampp/logs/access_log -/opt/lampp/logs/access.log -/opt/lampp/logs/error_log -/opt/lampp/logs/error.log -/opt/xampp/logs/access_log -/opt/xampp/logs/access.log -/opt/xampp/logs/error_log -/opt/xampp/logs/error.log diff --git a/File Inclusion - Path Traversal/Intruders/Linux-files.txt b/File Inclusion - Path Traversal/Intruders/Linux-files.txt new file mode 100644 index 0000000..601422b --- /dev/null +++ b/File Inclusion - Path Traversal/Intruders/Linux-files.txt @@ -0,0 +1,58 @@ +/etc/passwd +/etc/group +/etc/hosts +/etc/motd +/etc/issue +/etc/bashrc +/etc/apache2/apache2.conf +/etc/apache2/ports.conf +/etc/apache2/sites-available/default +/etc/httpd/conf/httpd.conf +/etc/httpd/conf.d +/etc/httpd/logs/access.log +/etc/httpd/logs/access_log +/etc/httpd/logs/error.log +/etc/httpd/logs/error_log +/etc/init.d/apache2 +/etc/mysql/my.cnf +/etc/nginx.conf +/opt/lampp/logs/access_log +/opt/lampp/logs/error_log +/opt/lamp/log/access_log +/opt/lamp/logs/error_log +/proc/self/environ +/proc/version +/proc/cmdline +/proc/mounts +/proc/config.gz +/root/.bashrc +/root/.bash_history +/root/.ssh/authorized_keys +/root/.ssh/id_rsa +/root/.ssh/id_rsa.keystore +/root/.ssh/id_rsa.pub +/root/.ssh/known_hosts +/usr/local/apache/htdocs/index.html +/usr/local/apache/conf/httpd.conf +/usr/local/apache/conf/extra/httpd-ssl.conf +/usr/local/apache/logs/error_log +/usr/local/apache/logs/access_log +/usr/local/apache/bin/apachectl +/usr/local/apache2/htdocs/index.html +/usr/local/apache2/conf/httpd.conf +/usr/local/apache2/conf/extra/httpd-ssl.conf +/usr/local/apache2/logs/error_log +/usr/local/apache2/logs/access_log +/usr/local/apache2/bin/apachectl +/usr/local/etc/nginx/nginx.conf +/usr/local/nginx/conf/nginx.conf +/var/apache/logs/access_log +/var/apache/logs/access.log +/var/apache/logs/error_log +/var/apache/logs/error.log +/var/log/apache/access.log +/var/log/apache/access_log +/var/log/apache/error.log +/var/log/apache/error_log +/var/log/httpd/error_log +/var/log/httpd/access_log \ No newline at end of file diff --git a/File Inclusion - Path Traversal/Intruders/Logs-files.txt b/File Inclusion - Path Traversal/Intruders/Logs-files.txt new file mode 100644 index 0000000..39f5b69 --- /dev/null +++ b/File Inclusion - Path Traversal/Intruders/Logs-files.txt @@ -0,0 +1 @@ +71 diff --git a/File Inclusion - Path Traversal/Intruders/Mac-files.txt b/File Inclusion - Path Traversal/Intruders/Mac-files.txt new file mode 100644 index 0000000..9a1dd69 --- /dev/null +++ b/File Inclusion - Path Traversal/Intruders/Mac-files.txt @@ -0,0 +1,6 @@ +/etc/apache2/httpd.conf +/Library/WebServer/Documents/index.html +/private/var/log/appstore.log +/var/log/apache2/error_log +/var/log/apache2/access_log +/usr/local/nginx/conf/nginx.conf \ No newline at end of file diff --git a/File Inclusion - Path Traversal/Intruders/Web-files.txt b/File Inclusion - Path Traversal/Intruders/Web-files.txt new file mode 100644 index 0000000..e37d8f3 --- /dev/null +++ b/File Inclusion - Path Traversal/Intruders/Web-files.txt @@ -0,0 +1,13 @@ +/robots.txt +/humans.txt +/style.css +/configuration.php +wp-login.php +wp-admin.php +/wp-content/plugins +/include/config.php +/inc/config.php +/include/mysql.php +/inc/mysql.php +/sites/defaults/settings.php +/phpmyadmin/changelog.php \ No newline at end of file diff --git a/File Inclusion - Path Traversal/Intruders/Windows-files.txt b/File Inclusion - Path Traversal/Intruders/Windows-files.txt new file mode 100644 index 0000000..63386f7 --- /dev/null +++ b/File Inclusion - Path Traversal/Intruders/Windows-files.txt @@ -0,0 +1,212 @@ +C:/$recycle.bin/s-1-5-18/desktop.ini +C:/apache2/log/access.log +C:/apache2/log/access_log +C:/apache2/log/error.log +C:/apache2/log/error_log +C:/apache2/logs/access.log +C:/apache2/logs/access_log +C:/apache2/logs/error.log +C:/apache2/logs/error_log +C:/apache/log/access.log +C:/apache/log/access_log +C:/apache/log/error.log +C:/apache/log/error_log +C:/apache/logs/access.log +C:/apache/logs/access_log +C:\apache\logs\access.log +C:/apache/logs/error.log +C:/apache/logs/error_log +C:\apache\logs\error.log +C:/apache/php/php.ini +C:/boot.ini +C:\boot.ini +C:/documents and settings/administrator/desktop/desktop.ini +C:/documents and settings/administrator/ntuser.dat +C:/documents and settings/administrator/ntuser.ini +C:/home2/bin/stable/apache/php.ini +C:/home/bin/stable/apache/php.ini +C:/inetpub/logs/logfiles +C:/inetpub/wwwroot/global.asa +C:/inetpub/wwwroot/index.asp +C:/inetpub/wwwroot/web.config +C:/log/access.log +C:/log/access_log +C:/log/error.log +C:/log/error_log +C:/log/httpd/access_log +C:/log/httpd/error_log +C:/logs/access.log +C:/logs/access_log +C:/logs/error.log +C:/logs/error_log +C:/logs/httpd/access_log +C:/logs/httpd/error_log +C:/MININT/SMSOSD/OSDLOGS/VARIABLES.DAT +C:/mysql/bin/my.ini +C:/mysql/data/hostname.err +C:/mysql/data/mysql.err +C:/mysql/data/mysql.log +C:/mysql/my.cnf +C:/mysql/my.ini +C:\nginx-1.7.4\conf\nginx.conf +C:\nginx-1.7.4\nginx.conf +C:/opt/xampp/logs/access.log +C:/opt/xampp/logs/access_log +C:/opt/xampp/logs/error.log +C:/opt/xampp/logs/error_log +C:/php4/php.ini +C:/php4/sessions/ +C:/php5/php.ini +C:/php5/sessions/ +C:/php/php.ini +C:/php/sessions/ +C:/program files/apache group/apache2/conf/httpd.conf +C:/program files/apachegroup/apache2/conf/httpd.conf +C:/programfiles/apachegroup/apache2/conf/httpd.conf +C:/program files/apache group/apache/conf/httpd.conf +C:/program files/apachegroup/apache/conf/httpd.conf +C:/programfiles/apachegroup/apache/conf/httpd.conf +C:/program files/apache group/apache/logs/access.log +C:/program files/apache group/apache/logs/error.log +C:\Program Files\Apache Software Foundation\Apache2.2\conf\httpd.conf +C:\Program Files\Apache Software Foundation\Apache2.2\logs\access.log +C:\Program Files\Apache Software Foundation\Apache2.2\logs\error.log +C:/program files/filezilla server/filezilla server.xml +C:/program files/mysql/data/hostname.err +C:/program files/mysql/data/mysql-bin.log +C:/program files/mysql/data/mysql.err +C:/program files/mysql/data/mysql.log +C:/program files/mysql/my.cnf +C:/program files/mysql/my.ini +C:/program files/mysql/mysql server 5.0/data/hostname.err +C:/program files/mysql/mysql server 5.0/data/mysql-bin.log +C:/program files/mysql/mysql server 5.0/data/mysql.err +C:/program files/mysql/mysql server 5.0/data/mysql.log +C:/program files/mysql/mysql server 5.0/my.cnf +C:/program files/mysql/mysql server 5.0/my.ini +C:/program files/mysql/mysql server 5.1/my.ini +C:/program files (x86)/apache group/apache2/conf/httpd.conf +C:/program files (x86)/apache group/apache/conf/access.log +C:/program files (x86)/apache group/apache/conf/error.log +C:/program files (x86)/apache group/apache/conf/httpd.conf +C:/program files (x86)/filezilla server/filezilla server.xml +C:/program files (x86)/xampp/apache/conf/httpd.conf +C:/program files/xampp/apache/conf/httpd.conf +C:/programfiles/xampp/apache/conf/httpd.conf +C:/program files/xampp/apache/conf/httpd.confetc/passwd +C:/sysprep.inf +C:/sysprep/sysprep.inf +C:/sysprep/sysprep.xml +C:/sysprep.xml +C:/system32/inetsrv/metabase.xml +C:/system volume information/wpsettings.dat +C:/unattended.txt +C:/unattended.xml +C:/unattend.txt +C:/unattend.xml +C:/users/administrator/desktop/desktop.ini +C:/users/administrator/ntuser.dat +C:/users/administrator/ntuser.ini +C:\wamp\apache2\logs\access.log +C:\wamp\apache2\logs\access_log +C:\wamp\apache2\logs\error.log +C:\wamp\apache2\logs\error_log +C:\wamp\logs\access.log +C:\wamp\logs\access_log +C:\wamp\logs\error.log +C:\wamp\logs\error_log +C:/windows/csc/v2.0.6/pq +C:/windows/csc/v2.0.6/sm +C:/windows/debug/netsetup.log +C:/windows/explorer.exe +C:/windows/iis6.log +C:/windows/iis6.log (5,6 or 7) +C:/windows/iis7.log +C:/windows/iis8.log +C:/windows/notepad.exe +C:/windows/panther/setupinfo +C:/windows/panther/setupinfo.bak +C:/windows/panther/sysprep.inf +C:/windows/panther/sysprep.xml +C:/windows/panther/unattended.txt +C:/windows/panther/unattended.xml +C:/windows/panther/unattend/setupinfo +C:/windows/panther/unattend/setupinfo.bak +C:/windows/panther/unattend/sysprep.inf +C:/windows/panther/unattend/sysprep.xml +C:/windows/panther/unattend.txt +C:/windows/panther/unattend/unattended.txt +C:/windows/panther/unattend/unattended.xml +C:/windows/panther/unattend/unattend.txt +C:/windows/panther/unattend/unattend.xml +C:/windows/panther/unattend.xml +C:/windows/php.ini +C:/windows/repair/sam +C:/windows/repair/security +C:/windows/repair/software +C:/windows/repair/system +C:/windows/system32/config/appevent.evt +C:/windows/system32/config/default.sav +C:/windows/system32/config/regback/default +C:/windows/system32/config/regback/sam +C:/windows/system32/config/regback/security +C:/windows/system32/config/regback/software +C:/windows/system32/config/regback/system +C:/windows/system32/config/sam +C:/windows/system32/config/secevent.evt +C:/windows/system32/config/security.sav +C:/windows/system32/config/software.sav +C:/windows/system32/config/system +C:/windows/system32/config/system.sa +C:/windows/system32/config/system.sav +C:/windows/system32/drivers/etc/hosts +C:/windows/system32/eula.txt +C:/windows/system32/inetsrv/config/applicationhost.config +C:/windows/system32/inetsrv/config/schema/aspnet_schema.xml +C:/windows/system32/license.rtf +C:/windows/system32/logfiles/httperr/httperr1.log +C:/windows/system32/sysprep.inf +C:/windows/system32/sysprepsysprep.inf +C:/windows/system32/sysprep/sysprep.xml +C:/windows/system32/sysprepsysprep.xml +C:/windows/system32/sysprepunattended.txt +C:/windows/system32/sysprepunattended.xml +C:/windows/system32/sysprepunattend.txt +C:/windows/system32/sysprepunattend.xml +C:/windows/system32/sysprep.xml +C:/windows/system32/unattended.txt +C:/windows/system32/unattended.xml +C:/windows/system32/unattend.txt +C:/windows/system32/unattend.xml +C:/windows/system.ini +C:/windows/temp/ +C:/windows/windowsupdate.log +C:/windows/win.ini +C:/winnt/php.ini +C:/winnt/win.ini +C:/xampp/apache/bin/php.ini +C:/xampp/apache/conf/httpd.conf +C:/xampp/apache/logs/access.log +C:\xampp\apache\logs\access.log +C:\xampp\apache\logs\access_log +C:/xampp/apache/logs/error.log +C:\xampp\apache\logs\error.log +C:\xampp\apache\logs\error_log +C:/xampp/filezillaftp/filezilla server.xml +C:/xampp/filezillaftp/logs +C:/xampp/filezillaftp/logs/access.log +C:/xampp/filezillaftp/logs/error.log +C:/xampp/mercurymail/logs/access.log +C:/xampp/mercurymail/logs/error.log +C:/xampp/mercurymail/mercury.ini +C:/xampp/mysql/data/mysql.err +C:/xampp/phpmyadmin/config.inc +C:/xampp/phpmyadmin/config.inc.php +C:/xampp/phpmyadmin/phpinfo.php +C:/xampp/php/php.ini +C:/xampp/sendmail/sendmail.ini +C:/xampp/sendmail/sendmail.log +C:/xampp/tomcat/conf/tomcat-users.xml +C:/xampp/tomcat/conf/web.xml +C:/xampp/webalizer/webalizer.conf +C:/xampp/webdav/webdav.txt diff --git a/File Inclusion - Path Traversal/Intruders/windows-files.txt b/File Inclusion - Path Traversal/Intruders/windows-files.txt deleted file mode 100644 index 3626c2b..0000000 --- a/File Inclusion - Path Traversal/Intruders/windows-files.txt +++ /dev/null @@ -1,192 +0,0 @@ -C:/MININT/SMSOSD/OSDLOGS/VARIABLES.DAT -c:/$recycle.bin/s-1-5-18/desktop.ini -c:/apache/log/access.log -c:/apache/log/access_log -c:/apache/log/error.log -c:/apache/log/error_log -c:/apache/logs/access.log -c:/apache/logs/access_log -c:/apache/logs/error.log -c:/apache/logs/error_log -c:/apache/php/php.ini -c:/apache2/log/access.log -c:/apache2/log/access_log -c:/apache2/log/error.log -c:/apache2/log/error_log -c:/apache2/logs/access.log -c:/apache2/logs/access_log -c:/apache2/logs/error.log -c:/apache2/logs/error_log -c:/boot.ini -c:/documents and settings/administrator/desktop/desktop.ini -c:/documents and settings/administrator/ntuser.dat -c:/documents and settings/administrator/ntuser.ini -c:/home/bin/stable/apache/php.ini -c:/home2/bin/stable/apache/php.ini -c:/inetpub/logs/logfiles -c:/inetpub/wwwroot/global.asa -c:/inetpub/wwwroot/index.asp -c:/inetpub/wwwroot/web.config -c:/log/access.log -c:/log/access_log -c:/log/error.log -c:/log/error_log -c:/log/httpd/access_log -c:/log/httpd/error_log -c:/logs/access.log -c:/logs/access_log -c:/logs/error.log -c:/logs/error_log -c:/logs/httpd/access_log -c:/logs/httpd/error_log -c:/mysql/bin/my.ini -c:/mysql/data/hostname.err -c:/mysql/data/mysql.err -c:/mysql/data/mysql.log -c:/mysql/my.cnf -c:/mysql/my.ini -c:/opt/xampp/logs/access.log -c:/opt/xampp/logs/access_log -c:/opt/xampp/logs/error.log -c:/opt/xampp/logs/error_log -c:/php/php.ini -c:/php/sessions/ -c:/php4/php.ini -c:/php4/sessions/ -c:/php5/php.ini -c:/php5/sessions/ -c:/program files (x86)/apache group/apache/conf/access.log -c:/program files (x86)/apache group/apache/conf/error.log -c:/program files (x86)/apache group/apache/conf/httpd.conf -c:/program files (x86)/apache group/apache2/conf/httpd.conf -c:/program files (x86)/filezilla server/filezilla server.xml -c:/program files (x86)/xampp/apache/conf/httpd.conf -c:/program files/apache group/apache/conf/httpd.conf -c:/program files/apache group/apache/logs/access.log -c:/program files/apache group/apache/logs/error.log -c:/program files/apache group/apache2/conf/httpd.conf -c:/program files/apachegroup/apache/conf/httpd.conf -c:/program files/apachegroup/apache2/conf/httpd.conf -c:/program files/filezilla server/filezilla server.xml -c:/program files/mysql/data/hostname.err -c:/program files/mysql/data/mysql-bin.log -c:/program files/mysql/data/mysql.err -c:/program files/mysql/data/mysql.log -c:/program files/mysql/my.cnf -c:/program files/mysql/my.ini -c:/program files/mysql/mysql server 5.0/data/hostname.err -c:/program files/mysql/mysql server 5.0/data/mysql-bin.log -c:/program files/mysql/mysql server 5.0/data/mysql.err -c:/program files/mysql/mysql server 5.0/data/mysql.log -c:/program files/mysql/mysql server 5.0/my.cnf -c:/program files/mysql/mysql server 5.0/my.ini -c:/program files/mysql/mysql server 5.1/my.ini -c:/program files/xampp/apache/conf/httpd.conf -c:/program files/xampp/apache/conf/httpd.confetc/passwd -c:/programfiles/apachegroup/apache/conf/httpd.conf -c:/programfiles/apachegroup/apache2/conf/httpd.conf -c:/programfiles/xampp/apache/conf/httpd.conf -c:/sysprep.inf -c:/sysprep.xml -c:/sysprep/sysprep.inf -c:/sysprep/sysprep.xml -c:/system volume information/wpsettings.dat -c:/system32/inetsrv/metabase.xml -c:/unattend.txt -c:/unattend.xml -c:/unattended.txt -c:/unattended.xml -c:/users/administrator/desktop/desktop.ini -c:/users/administrator/ntuser.dat -c:/users/administrator/ntuser.ini -c:/windows/csc/v2.0.6/pq -c:/windows/csc/v2.0.6/sm -c:/windows/debug/netsetup.log -c:/windows/explorer.exe -c:/windows/iis6.log -c:/windows/iis6.log (5,6 or 7) -c:/windows/iis7.log -c:/windows/iis8.log -c:/windows/notepad.exe -c:/windows/panther/setupinfo -c:/windows/panther/setupinfo.bak -c:/windows/panther/sysprep.inf -c:/windows/panther/sysprep.xml -c:/windows/panther/unattend.txt -c:/windows/panther/unattend.xml -c:/windows/panther/unattend/setupinfo -c:/windows/panther/unattend/setupinfo.bak -c:/windows/panther/unattend/sysprep.inf -c:/windows/panther/unattend/sysprep.xml -c:/windows/panther/unattend/unattend.txt -c:/windows/panther/unattend/unattend.xml -c:/windows/panther/unattend/unattended.txt -c:/windows/panther/unattend/unattended.xml -c:/windows/panther/unattended.txt -c:/windows/panther/unattended.xml -c:/windows/php.ini -c:/windows/repair/sam -c:/windows/repair/security -c:/windows/repair/software -c:/windows/repair/system -c:/windows/system.ini -c:/windows/system32/config/appevent.evt -c:/windows/system32/config/default.sav -c:/windows/system32/config/regback/default -c:/windows/system32/config/regback/sam -c:/windows/system32/config/regback/security -c:/windows/system32/config/regback/software -c:/windows/system32/config/regback/system -c:/windows/system32/config/sam -c:/windows/system32/config/secevent.evt -c:/windows/system32/config/security.sav -c:/windows/system32/config/software.sav -c:/windows/system32/config/system -c:/windows/system32/config/system.sa -c:/windows/system32/config/system.sav -c:/windows/system32/drivers/etc/hosts -c:/windows/system32/eula.txt -c:/windows/system32/inetsrv/config/applicationhost.config -c:/windows/system32/inetsrv/config/schema/aspnet_schema.xml -c:/windows/system32/license.rtf -c:/windows/system32/logfiles/httperr/httperr1.log -c:/windows/system32/sysprep.inf -c:/windows/system32/sysprep.xml -c:/windows/system32/sysprep/sysprep.xml -c:/windows/system32/sysprepsysprep.inf -c:/windows/system32/sysprepsysprep.xml -c:/windows/system32/sysprepunattend.txt -c:/windows/system32/sysprepunattend.xml -c:/windows/system32/sysprepunattended.txt -c:/windows/system32/sysprepunattended.xml -c:/windows/system32/unattend.txt -c:/windows/system32/unattend.xml -c:/windows/system32/unattended.txt -c:/windows/system32/unattended.xml -c:/windows/temp/ -c:/windows/win.ini -c:/windows/windowsupdate.log -c:/winnt/php.ini -c:/winnt/win.ini -c:/xampp/apache/bin/php.ini -c:/xampp/apache/conf/httpd.conf -c:/xampp/apache/logs/access.log -c:/xampp/apache/logs/error.log -c:/xampp/filezillaftp/filezilla server.xml -c:/xampp/filezillaftp/logs -c:/xampp/filezillaftp/logs/access.log -c:/xampp/filezillaftp/logs/error.log -c:/xampp/mercurymail/logs/access.log -c:/xampp/mercurymail/logs/error.log -c:/xampp/mercurymail/mercury.ini -c:/xampp/mysql/data/mysql.err -c:/xampp/php/php.ini -c:/xampp/phpmyadmin/config.inc -c:/xampp/phpmyadmin/config.inc.php -c:/xampp/phpmyadmin/phpinfo.php -c:/xampp/sendmail/sendmail.ini -c:/xampp/sendmail/sendmail.log -c:/xampp/tomcat/conf/tomcat-users.xml -c:/xampp/tomcat/conf/web.xml -c:/xampp/webalizer/webalizer.conf -c:/xampp/webdav/webdav.txt diff --git a/File Inclusion - Path Traversal/README.md b/File Inclusion - Path Traversal/README.md index 4370e8a..375cbf7 100644 --- a/File Inclusion - Path Traversal/README.md +++ b/File Inclusion - Path Traversal/README.md @@ -337,4 +337,5 @@ login=1&user=admin&pass=password&lang=/../../../../../../../../../var/lib/php5/s * [Baby^H Master PHP 2017 by @orangetw](https://github.com/orangetw/My-CTF-Web-Challenges#babyh-master-php-2017) * [Чтение файлов => unserialize !](https://rdot.org/forum/showthread.php?t=4379) * [New PHP Exploitation Technique - 14 Aug 2018 by Dr. Johannes Dahse](https://blog.ripstech.com/2018/new-php-exploitation-technique/) -* [It's-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-Know-It, Sam Thomas](https://github.com/s-n-t/presentations/blob/master/us-18-Thomas-It's-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-Know-It.pdf) \ No newline at end of file +* [It's-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-Know-It, Sam Thomas](https://github.com/s-n-t/presentations/blob/master/us-18-Thomas-It's-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-Know-It.pdf) +* [Local file inclusion mini list - Penetrate.io](https://penetrate.io/2014/09/25/local-file-inclusion-mini-list/) \ No newline at end of file