I used a bash script, but forgot about removing newlines when preparing the payload. This resulted in me thinking the WAF was blocking requests over a certain length (and me wasting hours) ?♂️
Apart from my stupidity, it was a nice challenge.
I used a bash script, but forgot about removing newlines when preparing the payload. This resulted in me thinking the WAF was blocking requests over a certain length (and me wasting hours) ?♂️
Apart from my stupidity, it was a nice challenge.