Thanks buddy for your post.
I think you missed one thing. when performing the attack in the exploit server, you should be logged out, because as a real attacker you would not be logged in the account carlos/montoya.
I write to better educate myself as I go through CTFs and Bug Bounties. If anything I have written is incorrect, please let me know and send me a link to an article to read to better educate myself.
Location
Seattle
Education
Information Technology BA and Software Engineering Bootcamp Grad
Thanks buddy for your post.
I think you missed one thing. when performing the attack in the exploit server, you should be logged out, because as a real attacker you would not be logged in the account carlos/montoya.
Thanks for info. Maybe this was why I had struggled to get it to work for so long. I'll have to try this again and log out.