I just start to learn website hacking. I have tried my best to exploit file upload vulnerability with high security (in DVWA 1.9/1.10), but unable to exploit this one.
Methods I have tried
- double extension (ex: shell.php.jpeg)
- Null byte injection.
Could you please let me know the way to exploit this vulnerability in DVWA1.9 or 1.10.
Thank you in advance!