🤖 Automated Content Update

This PR was automatically generated by the HackTricks News Bot based on a technical blog post.

📝 Source Information

• Blog URL:
• Blog Title: Research Update: Enhanced src/pentesting-web/file-inclusion/lfi2rce-via-nginx-temp-files.md
• Suggested Section: Research

🎯 Content Summary

Research Update for src/pentesting-web/file-inclusion/lfi2rce-via-nginx-temp-files.md

This PR contains automated research updates including:

• Latest security vulnerabilities and attack vectors
• Updated techniques and tools
• Enhanced explanations and examples
• Additional references and resources

Generated by: HackTricks Research Agent
Timestamp: 2025-12-09 01:47:03 UTC

This update was generated through automated security research to keep HackTricks content current and compr...

🔧 Technical Details

Research update for HackTricks content

🤖 Agent Actions

Summary of updates:

• Rebuilt the vulnerable-configuration explanation with the minimal PHP sample, clarified why nginx temp files remain reachable through /proc/<pid>/fd, and structured a “classic workflow” section detailing PID discovery, temp-file creation, descriptor mapping, and inclusion, all grounded in the original research. citeturn1search0
• Added a “Modern variations (2024–2025)” section describing the IngressNightmare (CVE-2025-1974) technique: keeping buffered bodies alive via fake Content-Length, enumerating client-body descriptors, and abusing injected directives such as ssl_engine to load buffered shared objects for RCE, plus a Python reconnaissance helper aligned with that attack path. citeturn12view0
• Introduced practical tips on detecting buffering and orchestrator-specific nuances, and ensured the Labs and References sections highlight both the classic write-up and the new 2025 ingress-nginx research for quick follow-up. citeturn1search0turn12view0

This PR was automatically created by the HackTricks Feed Bot. Please review the changes carefully before merging.