I have to do an assignment for a penetration testing exam but i’m a little bit stuck.
Among all the vulnerabilities i have to inject an upload form but it behaves weird, if i upload a file (even an image or similar) it does not do anything so i can’t tell if the file has been uploaded or not, there is no error message , anything useful.
I have a LFI vulnearbility so i can check files in /var/www/html and get the source but i can’t find anything useful, basically i have only .php frontend files :\
What vulnerability can i expect? or are there any tests that i can do?
This is the post request of burp-suite when i upload: https://imgur.com/a/Z7zeFoQ
Thank you 🙂