Check any input that could be file access:
ex params:
?filename=... ?path= lang=en
Just bruteforce with this LFI payload into that params.
Linux https://github.com/carlospolop/Auto_Wordlists/blob/main/wordlists/file_inclusion_linux.txtarrow-up-right
Windows https://github.com/carlospolop/Auto_Wordlists/blob/main/wordlists/file_inclusion_windows.txtarrow-up-right
Last updated 1 year ago