Orthopedius wrote:Well, I'm kind of lost, I've done php before and i know about the methods and everything, but still like i found what is password related thing,( which i cannot mention here) but still i cannot figure out how to open it
I'm with you Orthopedius & wallhalla...**think** I found the exploit, but either I'm overthinking it or I am just plain ignorant.
-I see that the form-data tag is sent to the form action element as a post transaction.
-I understand that compared to URL variables, it is safer because form-data appends to the body instead of the URL
-I do see the additional input tag in Basic 3, compared to Basic 2.
-The only difference I see:
the actual URL of the page is missing the PHP extension at the end of its path while the HTML source code has
the input tags include with it a name tag, a value tag, or both with the PHP extension
... ¿Any help please? I feel so close, yet so far...