php-filter-chain-oracle

Official

Leak files from blind PHP LFI via filter oracle

Authordreadnode
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill solves the critical limitation of being unable to read arbitrary files from PHP targets affected by blind local file inclusion (LFI) vulnerabilities that return no direct visible output of the included file content.

Core Features & Use Cases

  • Blind LFI Exploitation: Leverages PHP filter chain error-based oracles to exfiltrate file contents even when no direct output from the included file is visible to the user.
  • Differential Response Analysis: Uses memory exhaustion differentials from chained iconv filters and the dechunk oracle to reconstruct file contents byte-by-byte based on observable HTTP response differences (500 vs 200 status codes).
  • Use Case: For penetration testers assessing PHP web applications, this Skill enables reading sensitive files such as /etc/passwd or application configuration files when only a blind LFI vulnerability is present, with no direct file output available.

Quick Start

Use the php-filter-chain-oracle skill to exfiltrate the contents of /etc/passwd from the target PHP application's blind LFI endpoint.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: php-filter-chain-oracle
Download link: https://github.com/dreadnode/capabilities/archive/main.zip#php-filter-chain-oracle

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 536,000+ vetted skills library on demand.