10.129.42.195
Task 1 – During our scan, which port do we find serving MySQL?
Scanned the machine with nmap.
A: 3306
Task 2 – What community-developed MySQL version is the target running?
A: MariaDB
Task 3 – When using the MySQL command line client, what switch do we need to use in order to specify a login username?
I had previous notes “”Mysql -u {username} -h {hostname} -p””.
A: -u
Task 4 – Which username allows us to log into this MariaDB instance without providing a password?
Googled this.
A: root
Task 5 – In SQL, what symbol can we use to specify within the query that we want to display everything inside a table?
A: *
Task 6 – In SQL, what symbol do we need to end each query with?
Both questions are pretty common knowledge.
A: ;
Task 7 – There are three databases in this MySQL instance that are common across all MySQL instances. What is the name of the fourth that’s unique to this host?
A: htb
Submit Flag:
Moved into the database using “”USE htb””. Then listed the tables using “”SHOW TABLES;””. You can see I missed the ; at the end but it went to the next line and let me use it. I listed everything found in users. As there wasn’t any use to move forward with the back with that information I checked out the table config and we found it.
A: 7b4bec00d1a39e3dd4e021ec3d915da8
GG
Hacking Insights by Max Bautista 
Leave a comment