A bug in PHP
By sending in the password POST data as an array.
password
Get the POST from Burp and resend with an Array
Webpage will let you in!
username=admin&password=admin ..original username=admin&password[]= ..type juggline
REF: NinevehHTB
https://0xdf.gitlab.io/2020/04/22/htb-nineveh.htmlarrow-up-right
Last updated 2 years ago
