Sequel

PreviousAppointment NextCrocodile

Last updated 2 years ago

Sequel

Task 1

During our scan, which port do we find serving MySQL?

Answer:

Use nmap to scan target.
MySQL is running off of port 3306.

Task 2

What community-developed MySQL version is the target running?

Answer:

Run the following command

nmap -sC -p 3306 [IP]

The answer is MariaDB

Task 3

When using the MySQL command line client, what switch do we need to use in order to specify a login username?

Answer:

Needed to install mysql first.
I started with the following but it wasn't working

sudo apt update

sudo apt dist-upgrade

sudo apt install mysql-server

This wasn't working so I tried searching for an answer on stackoverflow and found the following:

sudo apt install mariadb-server mariadb-client

systemctl start mysql

systemctl status  mysql

This worked and mysql was iinstalled.
I than ran the following to find out different options:

mysql --help

This showed me that the answer is "-u"

Task 4

Which username allows us to log into this MariaDB instance without providing a password?

Answer:

I first tried "admin" but that didn't work.
I then tried "root" and that was the answer.

Task 5

In SQL, what symbol can we use to specify within the query that we want to display everything inside a table?

Answer:

I took a guess that it was the wildcard "*" and was right.

Task 6

In SQL, what symbol do we need to end each query with?

Answer:

I tried guessing a couple of time but wasn't getting the answer.
I looked it up and should have guessed that it was ";"

Task 7

There are three databases in this MySQL instance that are common across all MySQL instances. What is the name of the fourth that's unique to this host?

Answer:

Okay so first I'm dumb. I didin't realize that I just logged into a mysql server that I started on my own VM.
So I logged out and did the following command to log into the machine from the lab:

sudo mysql -h [IP] -u root

This got me into the target database. From here I used the following command to see the databases.

SHOW databases;

I did this previously and got an output so new what were the standard three databases. I compared this to the new output which gave me the answer of "htb".

Find the Flag

I used the following commands to gain access to the server:

USE htb;

SHOW tables;

SELECT * FROM config;

This gave me the flag "7b4bec00d1a39e3dd4e021ec3d915da8"

PreviousAppointment NextCrocodile

Last updated 2 years ago

Task 1

During our scan, which port do we find serving MySQL?

Answer:

Use nmap to scan target.
MySQL is running off of port 3306.

Task 2

What community-developed MySQL version is the target running?

Answer:

Run the following command

nmap -sC -p 3306 [IP]

The answer is MariaDB

Task 3

When using the MySQL command line client, what switch do we need to use in order to specify a login username?

Answer:

Needed to install mysql first.
I started with the following but it wasn't working

sudo apt update

sudo apt dist-upgrade

sudo apt install mysql-server

This wasn't working so I tried searching for an answer on stackoverflow and found the following:

sudo apt install mariadb-server mariadb-client

systemctl start mysql

systemctl status  mysql

This worked and mysql was iinstalled.
I than ran the following to find out different options:

mysql --help

This showed me that the answer is "-u"

Task 4

Which username allows us to log into this MariaDB instance without providing a password?

Answer:

I first tried "admin" but that didn't work.
I then tried "root" and that was the answer.

Task 5

In SQL, what symbol can we use to specify within the query that we want to display everything inside a table?

Answer:

I took a guess that it was the wildcard "*" and was right.

Task 6

In SQL, what symbol do we need to end each query with?

Answer:

I tried guessing a couple of time but wasn't getting the answer.
I looked it up and should have guessed that it was ";"

Task 7

There are three databases in this MySQL instance that are common across all MySQL instances. What is the name of the fourth that's unique to this host?

Answer:

Okay so first I'm dumb. I didin't realize that I just logged into a mysql server that I started on my own VM.
So I logged out and did the following command to log into the machine from the lab:

sudo mysql -h [IP] -u root

This got me into the target database. From here I used the following command to see the databases.

SHOW databases;

I did this previously and got an output so new what were the standard three databases. I compared this to the new output which gave me the answer of "htb".

Find the Flag

I used the following commands to gain access to the server:

USE htb;

SHOW tables;

SELECT * FROM config;

This gave me the flag "7b4bec00d1a39e3dd4e021ec3d915da8"