I have a scenario as the following:
<?php include("resource/" + $_GET['vuln']); ?>
And I'm trying to get RCE from this, or atleast acquire some interesting information.
I already looked at /etc/passwd
and other important files. Are there things I can do to bypass the resource/
prefix (since it disables me from using php://
filters)?