Hi friend,
My solution is below:
-
I test the payload and see it works.
PHNjcmlwdD5hbGVydCgxKTwvc2NyaXB0Pg== meaning is -
I craft the payload:
after that encode base64 it and put it in payload
-
I submit the above payload to the form http://vulnerablesite.htb:44664/home.php
-
After that a moment if OK the result sent to the http://exfiltrate.htb:44664/log
Last time I did it this way but I couldn’t see the results sent to http://exfiltrate.htb:44664/log, do you think my way is correct and needs to be fixed, please recommend and let me know how you solved this challenge, thank you very much.