?page=../../../../root/.aws/config
https://vulnerable-app.com/index.php?page=file-3A-2F-2F-2Froot-2F.aws-2Fconfig fetch-url-file-3A-2F-2F-2Froot-2F.aws-2Fconfig
If you see file:///root/.aws/config anywhere in your logs, act as if your AWS keys are already public. Because in the cloud, every second counts. an attacker might try: Worse
Some PHP or web applications allow including local files via parameters like ?page=home . If the application does not sanitize input, an attacker might try: fetch-url-file-3A-2F-2F-2Froot-2F.aws-2Fconfig
Worse, some systems decode input multiple times (double decoding). An attacker might send: