/etc/passwd.phpdoes not exist. However, if we add the nullbyte to the end of our attack-string the
.phpwill not be taken into account. So we add
%00to the end of our attack-string.
.txt-files but not
.phpfiles. That is because they get executed by the webserver, since their file-ending says that it contains code. This can be bypassed by using a build-in php-filter.