Created
March 1, 2018 23:04
-
-
Save DavidMellul/6ea837b0938819fa6147c163e3b808fa to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| function nice_include($file) { | |
| if (file_exists('/home/wwwrun/'.$file.'.php')) { // Taken from PHP docs | |
| include '/home/wwwrun/'.$file.'.php'; | |
| } | |
| } | |
| nice_include("../private_admin_data.txt\0"); | |
| # => file_exists will return true since home/private_admin_data.txt exists | |
| # => The '.php' extension will be skipped because of the \0 null-termination character. | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment