Source CTF and HTB Academy

  • Usually on port 3306

MySQL is an open-source SQL relational database management system developed and supported by Oracle. A database is simply a structured collection of data organized for easy use and retrieval. The database system can quickly process large amounts of data with high performance.

  • sudo apt install mysql-server -y install mysql server

  • On Parrot I had to

    • sudo apt install mariadb-client

    • sudo apt install mariadb-server

SQL language

Default Configuration

  • cat /etc/mysql/mysql.conf.d/mysqld.cnf | grep -v "#" | sed -r '/^\s*$/d'

Dangerous Settings



Sets which user the MySQL service will run as.


Sets the password for the MySQL user.


The IP address on which to listen for TCP/IP connections on the administrative network interface.


This variable indicates the current debugging settings


This variable controls whether single-row INSERT statements produce an information string if warnings occur.


This variable is used to limit the effect of data import and export operations.



  • sudo nmap -sV -sC -p3306 --script mysql*

Interaction with the server

  • mysql -u root -h

  • mysql -u root -pP4SSw0rd -h

  • show databases; list databases

  • select version(); show the version

  • use <database>; select a database

  • show tables; list the tables

  • show columns from <table>;

  • select * from <table>;

  • select * from <table> where <column> = "<string>"; Example:select host, unique_users from host_summary;

Last updated