Sequel Machine - Hack The Box - Writeup
Recon
We start to ping the machine to look up the TTL to identifiy if is a linux machine or a Windows Machine
the TTL is near of 64 so is a Linux Machine.
We launch a nmap scan to identify the open ports on the machine:
The nmap scan shows the port 3306 Open usually port 3306 running SQL let's try with some basic scripts on nmap.
Look, we found some interesting information the port 3306 running a database of MYSQL on mariadb.
Connection
Try to connect to databse without password :
And success:
You can type help and look some utils commands:
Lists the databases on it with show databases; remember to close the query with ;
Move to htb database:
List the tables on htb database:
Get the flag
You can show all the content of a table with * :
And congrats! You have pwned Sequel Machine.