Type your comment> @megaHEX said:
I know I’m close, and I’m sure I’m doing something stupid to not get the *** shell. Can anyone tell me the correct path to write up when running the 40***.py exploit? At first I had “support/?v=submit_ticket” and the exploit found the file but that kept giving me links to 404 pages.
I then tried “support/uploads/tickets” and mind you - I run the exploit right before I press upload since the box is time sensitive, yet exploit.py still does not find any file.
Anyone who can help me with this one aspect, please feel free to DM me, before I lose my mind over this one box.
Make sure to read the exploit you’re trying to use and understand what it does, that’ll help you understand why what you’re doing might not be working.