Hi
I have completed this level and sort of understand it, but i think it is the fundamentals that i haven’t grasped?
I am unclear on how it actually works?
This may sound stupid but here goes… what exactly is admin.php? a server file?
On the login page https://www.hackthis.co.uk/levels/extras/real/6/admin.php the source is minimal
I enter a password lets say ‘Hello’
it submits that password to the server;
https://www.hackthis.co.uk/levels/extras/real/6/admin.php?password=Hello
this is where i get a little lost; I have thought a php file named admin.php processes the input at the server; redirecting if correct. Is that right.
when we use the Null Byte, are we pulling out the content of the admin.php file into the webpage? or have i got it all wrong?