Sequel Write-up - Nikola's Digital Garden

#readwise # Sequel Write-up ![rw-book-cover](https://readwise-assets.s3.amazonaws.com/media/reader/parsed_document_assets/166017095/GGXPqcQINu7Yi35SPE_RCu6Hhl1FfXxNHChd3YIHwh8-cove_70cVeUB.png) ## Metadata - Author: [[Hack The Box]] - Full Title: Sequel Write-up - URL: https://readwise.io/reader/document_raw_content/166017095 ## Summary This write-up explains how to navigate databases, which store important data like usernames and passwords. Databases use tables to organize information, making it easy to access. The process of logging into a website involves checking user credentials against stored data in the database. The tutorial shows how to connect to a MySQL service directly and explore its tables to find valuable information. ## Highlights In order to communicate with the database, we need to install either `mysql` or `mariadb` on our local machine. To do that, you need to run the following command. Make sure you include the `*` symbol at the end of the command to include all the related MySQL packages available. This will cover all of your needs for now. ```sh sudo apt update && sudo apt install mysql* ``` ([View Highlight](https://read.readwise.io/read/01jrmqqstsyq0hxt5asy53888d)) --- Note that the MySQL clients usually authenticate with the service with a username/password combination. However, it is essential to test for passwordless authentication, as there might be an intentional misconfiguration in the service, which would allow personnel to easily log into the service during the deployment stage of the project to easily interact with it before making it available to other colleagues. In the present situation, an initial attempt can be to attempt a log-in as the root user, naturally having the highest level of privileges on the system. `-h`: Connect to host. `-u`: User for log-in if not current user. ([View Highlight](https://read.readwise.io/read/01jrmqrzbd9qnpqhvxh7p254fb)) --- The commands we are going to use are essential for navigation: `SHOW databases;` Prints out the databases we can access. `USE {database_name};` Set to use the database named {database_name}. `SHOW tables;` Prints out the available tables inside the current database. `SELECT * FROM {table_name};` Prints out all the data from the table {table_name}. --- Note that it is essential to end each command with the `;` symbol, as it declares the end of the command. Apart from that, SQL is a query-oriented language, which means that you supply it with one query at a time. ([View Highlight](https://read.readwise.io/read/01jrmqtfwadtmzff5cq029jz4t)) --- From the output, the `htb` database seems to be of value to us. In order to see what rests inside it, we will need to "select" the `htb` database as the active one - the database we want to actively interact with for our subsequent commands. To achieve this, the `USE htb;` command can be used. ([View Highlight](https://read.readwise.io/read/01jrmqtyz0mfe9t6jyxrfq1vft)) --- We have successfully changed the database. The next step is to check what tables does the `htb` database contain. We can achieve this by following up with the `SHOW tables;` command. ([View Highlight](https://read.readwise.io/read/01jrmqv90p158jdsvb9ckjk6ak)) --- We have two tables: config and users . These can be checked sequentially for their content by using the `SELECT * FROM {table_name}` command, where `{table_name}` is the exact name of the table you want to explore, taken from the output above. Once we query the config table for contents, the flag entry is output in our terminal, alongside its' value. ([View Highlight](https://read.readwise.io/read/01jrmqw1yjznm3hmaaz0c9pa7r)) ---