Hey, I'm still trying to get a foothold. I understand that we need to bypass the 403 on /manager/html. Right now, I'm trying to bypass the restriction with http request smuggling (CVE-2020-12440) but can't manager to get it working. Am I on the right track ? Which smuggling attack type to use : TE.CL ; CL.TE ; TE.TE ?
in monitors machine I found RFI but I can't get a shell and not found any password for wordpress login, can you help please?