# Local / Remote File Inclusion

* [Wildcard bypass & LFI 1. Intercepted a POST req that pointed to a local file "/usr/local/redacted/filename" 2. tried "/etc/passwd" -> bad request 3. "/user/local/../../etc/passwd" -> bad request 4. "/user/local/redacted/../../../etc/passwd" -> OK 5. LFI & bounty](https://twitter.com/11xuxx/status/1252905397259767808)
* [Yay, I was awarded a $5,000 bounty on @Hacker0x01 ! https://hackerone.com/patrik #TogetherWeHitHarder Thank you so much @umr4n6 for the amazing bypass :\] /..;/..;/ can only recommend following her :) Vogel #dreamworkmakestheteamwork](https://twitter.com/ITSecurityguard/status/1242190696439853058)
* [#BugBountyTip - If you find a LFI ignore /etc/passwd and go for /var/run/secrets/kubernetes.io/serviceaccount this will raise the severity when you hand them a kubernetes token or cert.](https://twitter.com/Random_Robbie/status/1072235866582642689)
* [#BugBountyTip time: I've got a RCE by using this tip: while testing for malicious file uploads, if .php extension is blacklisted you can try .PhP , .php5 and .php3 Sometimes this fools the backend and you get shell! RTs & comments are appreciated. Follow #bugbountytips #pentest](https://twitter.com/HusseiN98D/status/1220120543778787328)
* [Browser-Based application LFI file:///etc/passwd blacklisted? Use "view-source:file:///etc/passwd" "view-source" is often forgotten by developers in blacklists. #BugBounty #BugBountyTip #BugBountyTips](https://twitter.com/HusseiN98D/status/1325464364569276417)
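The first two tips above are the same bug seen from two angles: the server compares the raw request path against an allowed prefix, but the file system (or the servlet container in front of it) resolves the path differently. The following Python is an added illustration, not code from any of the tweeted targets; the `/usr/local/redacted/` prefix, the `;`-stripping model of the back end and the sample paths are assumptions chosen to reproduce the two bypasses. It shows why a prefix check on the raw string is fooled by `redacted/../../../`, why a check that only collapses `..` is still fooled by `..;/`, and how canonicalising the way the back end will closes both.

```python
import posixpath

# Hypothetical allow-listed directory, modelled on the redacted prefix in the first tweet.
BASE_DIR = "/usr/local/redacted/"


def naive_check(path: str) -> bool:
    """The broken check: a string-prefix match on the raw request value."""
    return path.startswith(BASE_DIR)


def canonical_check(path: str) -> bool:
    """Collapse '.' and '..' segments before the prefix check.

    posixpath.normpath is used so the example runs offline; on a real host use
    os.path.realpath on the final filesystem path so symlinks are resolved too.
    """
    return posixpath.normpath(path).startswith(BASE_DIR)


def strip_path_params(path: str) -> str:
    """Simplified model (an assumption, not any specific product) of a servlet
    container that drops ';param' from each path segment, so '..;' becomes '..'."""
    return "/".join(segment.split(";", 1)[0] for segment in path.split("/"))


def backend_resolves_to(path: str) -> str:
    """Where the request actually lands once the back end has stripped ';' params
    and collapsed the '..' segments."""
    return posixpath.normpath(strip_path_params(path))


def backend_aware_check(path: str) -> bool:
    """Canonicalise exactly the way the back end will, then apply the prefix check."""
    return backend_resolves_to(path).startswith(BASE_DIR)


if __name__ == "__main__":
    # Constructed request values reproducing the two tweets.
    traversal = "/usr/local/redacted/../../../etc/passwd"
    semicolon = "/usr/local/redacted/..;/..;/..;/etc/passwd"
    for name, check in (("naive", naive_check),
                        ("canonical", canonical_check),
                        ("backend-aware", backend_aware_check)):
        print(f"{name:14} traversal={check(traversal)!s:5} "
              f"semicolon={check(semicolon)!s:5}")
    print("semicolon payload resolves to", backend_resolves_to(semicolon))
```

The important line is `backend_aware_check`: the check has to run on the same canonical form the component that opens the file will use, otherwise every difference between the two parsers is a bypass. When the file is ultimately opened by the application itself, resolving with `os.path.realpath` and comparing against the realpath of the base directory is the reliable version of this.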

![](https://1889062997-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LbWrDBBrbM1WtGeIKRO%2F-M5py_V2sDYHDA38BWV6%2F-M5zAC1-E-g_cwmb0_MK%2Fimage.png?alt=media\&token=92d10634-7e45-41c6-8381-5bc90991a261)

If a web application allows you to upload a .zip file, the `zip://` PHP stream wrapper is an interesting way to turn an LFI into RCE: a path of the form `zip://uploads/archive.zip#shell.php` passed to `include` or `require` executes a PHP file stored inside the archive. The wrapper does not care about the archive's extension, so an upload renamed to `.jpg` or similar still works, and the `#` separator has to be sent as `%23` in the URL or it is treated as a fragment by the client. Two caveats: the sink must be an include-style function (a plain read such as `file_get_contents` only returns the payload text), and `zip://` is a local wrapper, so `allow_url_include` being off does not block it (the PHP zip extension does have to be present).

{% embed url="<https://twitter.com/Yumi_Sec/status/1253620834691887105/photo/1>" %}

![https://twitter.com/j1t35h/status/1292406847496888320?s=20](https://1889062997-files.gitbook.io/~/files/v0/b/gitbook-legacy-files/o/assets%2F-LbWrDBBrbM1WtGeIKRO%2F-MT9w7B0i_yWaA5sRzgH%2F-MT9wZb_iWPVD7GCDkb3%2Fimage.png?alt=media\&token=81be6ed7-64e0-4623-92c6-e9e6d752fc27)
