MySQL

MySQL is a Relational Database Management System (RDBMS) that stores data in tables. Each table has rows (records) and columns (fields) that define the structure.

• MySQL works on a Client-Server Model, meaning there's a MySQL Server where the data is stored, and Clients (like applications or users) connect to this server to retrieve or modify data.

• MySQL listens on port 3306 by default.

• MySQL is widely used in web applications like WordPress, Linux, Apache, PHP (LAMP) or Nginx (LEMP)

MariaDB & MySQL:

MariaDB is a fork of MySQL, created after Oracle acquired MySQL. It remains widely used due to its compatibility and additional enhancements.

---

Footprinting the Service

sudo nmap 10.129.14.128 -sV -sC -p3306 --script mysql*

3306/tcp open  mysql
| mysql-brute:
|   Accounts:
|     root:<empty> - Valid credentials
|_  root account has empty password
# show root account is without password

to connect on database

1st way → if account without password

mysql -u root -h 10.129.14.128

2nd way → have password

mysql -u root -p0xpass -h 10.129.14.128

some command we can use it after we connect on database

show databases;
use mysql;
show tables;

---

Important MySQL Databases & Tables

• mysql → Stores system information, users, passwords, and privileges.

• information_schema → Metadata about tables, columns, indexes, etc.

• performance_schema → Logs and performance metrics.

• sys → Useful reports for performance monitoring.

Securing a MySQL Server

1️⃣ Change the Default MySQL Port (3306)

Edit MySQL config file:

sudo nano /etc/mysql/mysql.conf.d/mysqld.cnf

2️⃣ Disable Remote Root Login

UPDATE mysql.user SET Host='localhost' WHERE User='root';
FLUSH PRIVILEGES;

3️⃣ Set a Strong Password for Root

ALTER USER 'root'@'localhost' IDENTIFIED WITH mysql_native_password BY 'Str0ngP@ssw0rd!';

4️⃣ Block External Access to MySQL Port

sudo ufw deny 3306/tcp

5️⃣ Run MySQL Secure Installation Script

mysql_secure_installation