Sequel
Last updated
Last updated
Task 1
During our scan, which port do we find serving MySQL?
Answer:
Use nmap to scan target.
MySQL is running off of port 3306.
Task 2
What community-developed MySQL version is the target running?
Answer:
Run the following command
The answer is MariaDB
Task 3
When using the MySQL command line client, what switch do we need to use in order to specify a login username?
Answer:
Needed to install mysql first.
I started with the following but it wasn't working
This wasn't working so I tried searching for an answer on stackoverflow and found the following:
This worked and mysql was iinstalled.
I than ran the following to find out different options:
This showed me that the answer is "-u"
Task 4
Which username allows us to log into this MariaDB instance without providing a password?
Answer:
I first tried "admin" but that didn't work.
I then tried "root" and that was the answer.
Task 5
In SQL, what symbol can we use to specify within the query that we want to display everything inside a table?
Answer:
I took a guess that it was the wildcard "*" and was right.
Task 6
In SQL, what symbol do we need to end each query with?
Answer:
I tried guessing a couple of time but wasn't getting the answer.
I looked it up and should have guessed that it was ";"
Task 7
There are three databases in this MySQL instance that are common across all MySQL instances. What is the name of the fourth that's unique to this host?
Answer:
Okay so first I'm dumb. I didin't realize that I just logged into a mysql server that I started on my own VM.
So I logged out and did the following command to log into the machine from the lab:
This got me into the target database. From here I used the following command to see the databases.
I did this previously and got an output so new what were the standard three databases. I compared this to the new output which gave me the answer of "htb".
Find the Flag
I used the following commands to gain access to the server:
This gave me the flag "7b4bec00d1a39e3dd4e021ec3d915da8"