/home
/blog
/mavsh
/ctf
/etc
Hack The Box Nibbles:
php file upload -> script executing “su” w/misconfiguration -> root