proving grounds – xposedapi
in this we gonna bypass waf with x-forwarded-for header and find a lfi vuln
and we send payload and /update it
after getting shell we take advantage of wget SUID to get root

https://t.co/XWAwPvRlrg

#cybersecurity