TryHackMe - Crylo (No Sqlmap)

Published: 11 October 2024
Channel: ReadySetExploit

This is a video walk-through of TryHackMe's Crylo. If you prefer a written walk-through, you can find it here: https://readysetexploit.gitlab.io/hom...

Buy Me A Coffee :)
https://www.buymeacoffee.com/hadrian3689

0:00 Intro
2:00 Nmap scan and results
4:10 Reviewing web site
5:00 Using Gobuster to find endpoints
5:50 Targeting login page. Identifying SQL Injection
8:20 Using Sqlmap to prove SQL Injection
11:20 Start of manual script
16:30 Got middleware token
22:50 Extracting database with script
25:15 Extracting table with script
29:20 Extracting columns with script
34:35 Extracting hash with script
35:20 Identifying framework with hash
39:25 Reviewing JavaScript files while waiting on hash
40:55 Reviewing PIN set script
42:45 Hash extracted. Cracking hash using Hashcat
45:40 Moving on with 2FA bypass
46:40 Changing the PIN set variable
47:40 PIN changed and 2FA bypassed. Localhost bypassing
50:45 Getting reverse shell
53:20 Exploring the database manually
54:30 Finding an encrypted password string
56:00 Finding AES encryption script
57:45 Using script to decrypt password string
58:30 Password decoded and getting root user