HTB Academy Footprinting MySQL

I can’t get my head around this “During our penetration test, we found weak credentials “robin:robin”. We should try these against the MySQL server. What is the email address of the customer “Otto Lang”?” … and this makes me feel super dumb.

I tried ‘mysql -u -p ’ with like a thousand different possibilities, changing ports, adding domain name, dozens of common username and mirrored, reversed, scrambled and whatever username as pass. I always get that same ‘ERROR 2002 (HY000): Can’t connect to local MySQL server through socket ‘/run/mysqld/mysqld.sock’ (2)’

Also tried nmap mysql-enum and mysql-brute scripts with the footprinting name list from the module.
Went back to SMTP enum to try and find mail address for Otto Lang.
Looked at HackTricks and Pentestmonkey to find if i missed some obvious.

What did I miss please ?

because the ip address using -h [ip address]


Sorry for late reply, but tried already with -h and didn’t go anywhere.

This is what i would get then : ERROR 1045 (28000): Access denied for user ‘robin’@‘10.10.XX.XX’ (using password: NO)

and if I try with the password…

ERROR 2002 (HY000): Can’t connect to local MySQL server through socket ‘/run/mysqld/mysqld.sock’ (2)

Were you able to fix this? Im having the same issue :confused:
Dai un occhiata alla documentazione :slight_smile:

1 Like

Meaning that server is down ???
Because that’s the kind of confirmation I was looking for. :wink:
I’ll check on it again today. If I still get the same result I’ll contact them in chat.

No hai capito male…:slight_smile: L’errore è nel modo in qui formuli il comando per collegarti…
Prova cosi mysql -h host -u user -p
(dopo la p non mettere la passw.Te la chiederà in seguito).


You’re right mate :v:
The problem was I wasn’t using -h for the host. It seems it’s missing in the command I’ve wrote for myself…because it is missing in one of the academy commands. @NPTG was right too. Lol
For some reason i thought -h was to be used for passwordless only :yum:
Thx for the help mate :wink:

Di nulla…
So cosa si prova a restare bloccati su una domanda :slight_smile:

Di nulla :slight_smile:

nice! :smiley:

Do Like This:
connect to user robin through ssh with pass robin
mysql -V – [For Version]
mysql -urobin -probin Note:- Don’t Give Space after -p
use customers;
show Tables;
select * from [table name];
copy and grep for otto