I am watching the website hacking course. At the section of “Remote File Inclusion Vulnerabilities – Discovery & Exploitation”, I wonder why “reverse.text” file is executed as a php file at the target server because it is not .php file. I hope someone teach me ! thanks.
Hi!
It works because it contains php code and the server is not restricting execution on any file type. So this will also depend on the configuration of the server but it’s something that is worth to try.