I am back .. was away for a long time .. (Sorry, but from now will be active again)
So have founde a site that is vuln to LFI i am able to read /etc/passwd and other files like the config.php file on the site . But when i want to read /proc/self/environ i am getting a blank page .. Is there any other ways to upload a shell without the /rpc/self/environ ?
Also have tried if is working RFI on the same page and is working only that when i am sung .php for the shell i am getting my servers info not the vuln server info . and when i am using .txt then i cannot read the shell .. why is that ?
Also have founde the database info pass and all but is ip restricted is any other way to bypass ip restriction .. ?
I think the site may have some LFI vulns, but they could have secured certain parts of their server. btw, if this sounds stupid, it's probably bcuz I'm on MDMA right now :p So i'll come back later to check my answer :) Now I just wanna type and type and type :p
Seeing your server info means it's excuted on your server and maybe sent as plain text to your target, try disabling PHP so u can send a php file source code. it seems ur victim gets the output of your PHP file, the compiled. I hope I helped with that issue at least.
Also have founde the database info pass and all but is ip restricted is any other way to bypass ip restriction .. ?
Look up what x-forwarded-for is, in regards to http. This may solve your problem of ip restriction, however...defending against x-forwarded-for is easy.
Either that, or you can do a TCP replay and change the source-ip.
Joke: Waiting for McKittrick to tell me I'm wrong/missed something. ;)