CTF Support
Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Toggle Dark/Light/Auto mode Back to homepage
  1. CTF Support
  2. /
  3. Web Exploitation
  4. /
  5. Local File Inclusion (LFI)
  6. /
  7. php://filter
Edit page

php://filter

Example Usage

To return a Base64-encoded file (such as source code):

view.php?page=php://filter/convert.base64-encode/resource=index.php

This reveals otherwise inaccessible PHP source code when decoded.

Tools

Tool Purpose
PHP Include to Shell Char Dict Generate payloads for LFI filters
BurpSuite Repeater Test file paths interactively

Tips

  • Combine with directory traversal (../../) to reach deeper targets.
  • Look for /proc/self/environ or /var/log/apache2/access.log for potential log injection.