This is some full description of the ways to explore and exploit this level :)
Please refer to here https://livingbeef.blogspot.com/2020/04/sfr-hexionctf-we-get-some-webapp.html

Original writeup (https://livingbeef.blogspot.com/2020/04/sfr-hexionctf-we-get-some-webapp.html).