A vulnerable website blocks almost everything that is related to PE (Privilege Escalation), but when encoding the
ls -al code into a base64 format, the website doesn’t block the dangerous code (at Scan Time), will the web server detect and block the code at Run Time ?
base64 -d <<< bHMgLWFs | sh: Base64 of
Web Server: Scanning the input.. Seems fine, I will not block it.
Web Server Inside: ls -al # Will it block it at run time ?