I am working on "DVWA" vulnerability lab and currently i am little stuck at one issue. I have inserted the php code to image metadata through exiftool and i have successfully uploaded the image with the extension "image.php.jpeg" but when i am loading the image in the browser the php payload not executing it's directly rendering the image.
Exif Paylod
exiftool -DocumentName="<h1>Hello World<br><?php phpinfo();?></h1>" image.jpeg
URL
http://localhost:8080/dvwa/hackable/uploads/image.php.jpeg
I have seen in many tutorials the above payload working fine but in my browser both (Chrome and Firefox) it's not working.
Please follow this tutorial video :- https://www.youtube.com/watch?v=nNB9XlRfvzw&t=323s
i followed the exact same steps but only thing is at last when i am loading the image in the browser the exif is not loading it's simply showing the image.
Question, is the browser restricting the exif data or something wrong with my payload.
Please help me out
Thanks