I am trying to turn the fake shell into a real shell. I am reading the exploit from the db. Am I supposed to do the exploit manually thru burp suite to get a browser shell? I do not understand where to inject the malicious stuff, could someone give me a nudge on this? Can a real browser shell do file transfers unlike the fake shell?