I’m doing a puzzle of security and I’m stuck on a problem that they give me an url (autommatically when searching for the website it adds some query params to the website like mywebsite.com/ab/index.php/?id=322332&uuid=2214124,etc…) and in the console as a tip they print a table name company_users and then the login does nothing because I’ve checked the php form and they have this
$.post("../cd/api.php?action=login",
{
username: user.value,
password: password.value
}, function (data, status) {
return false;
}
And the console log is because when opening the website it does this
$.get("../cd/api.php?action=hint", function (data, status) {
console.log(data)
});
is using jquery/3.5.1/jquery.min.js
Note that the website is
mywebsite.com/ab/index.php?id=…
and the api.php is in
mywebsite.com/cd/api.php
does it help?
Any hint you can tell me? Or something I can try?