Did you know Cybrary has FREE video training? Join more than 2,500,000 IT and cyber security professionals, students, career changers, and more, growing their careers on Cybrary.
This lesson offers a demonstration of a path traversal with local file inclusion attack. Because of a certain PHP script, it is easy for a hacker to do a path traversal on the web server to see if there is a local file on the system. Using the Burp Suite interceptor, a request is send out and you can see the URL parameters and this is easily replaced with something out (e.g., the boot file).