Final Report & Lessons Learned
1. Executive Summary
Sequel is a Tier 1 machine that demonstrates the security risks of exposing database services directly to the public internet, especially without authentication. It highlights how a simple misconfiguration in MariaDB/MySQL can lead to total data leakage.
2. Key Takeaways
- Technical takeaways: MySQL/MariaDB services should never be exposed to external networks without strict firewall rules and strong authentication. Use `--skip-ssl` if a remote database connection fails due to certificate errors.
- Strategic takeaways: Databases often hold the most sensitive "crown jewels" of an application (users, config, flags). Securing this layer is critical.
3. Remediation
- Bind to Localhost: Ensure that the database service is only listening on `127.0.0.1` unless remote access is absolutely necessary.
- Enforce Password Policy: Never allow the `root` user (or any user) to connect without a strong, unique password.
- Firewalling: Use a firewall (like `iptables` or `ufw`) to restrict access to port 3306 to known, safe IP addresses.
- Principle of Least Privilege: If remote access is needed, create a dedicated user with limited access to specific databases rather than using `root`.
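As an added example for this report (not code from the original write-up or from any project), the following script checks a `my.cnf` for the loopback binding described above and prints the hardening SQL for the password and least-privilege items; the sample configs, the host address `203.0.113.10`, the user `app_reader` and the database `app_db` are constructed placeholders.

```shell
#!/bin/sh
# Small audit helper plus the hardening SQL from the remediation list.
# Hypothetical example; all paths, hosts, user and database names are placeholders.

# Write a constructed sample my.cnf: "weak" reproduces the exposure (listening on
# every interface), "hardened" follows the "Bind to Localhost" remediation.
write_sample_cfg() {  # $1 = weak|hardened, $2 = output path
    if [ "$1" = "weak" ]; then
        printf '[mysqld]\nport = 3306\nbind-address = 0.0.0.0\n' > "$2"
    else
        printf '[mysqld]\nport = 3306\n# local clients only\nbind-address = 127.0.0.1\n' > "$2"
    fi
}

# Returns 0 when the [mysqld] section binds to loopback only (or disables TCP
# entirely via skip-networking), 1 otherwise. A missing bind-address is treated
# as exposed (fail closed) rather than trusting whatever the build's default is.
audit_bind_address() {  # $1 = path to my.cnf
    section=$(awk '/^\[/ { in_mysqld = ($0 == "[mysqld]") } in_mysqld' "$1" \
              | sed 's/#.*//; s/[[:space:]]//g')
    if printf '%s\n' "$section" | grep -q '^skip[-_]networking'; then
        return 0
    fi
    bind=$(printf '%s\n' "$section" | grep '^bind[-_]address=' | tail -n 1 | cut -d= -f2)
    case "$bind" in
        127.0.0.1|::1|localhost) return 0 ;;
        *) return 1 ;;
    esac
}

# Prints the SQL for "Enforce Password Policy" and "Principle of Least Privilege":
# give root a real password, then grant a dedicated read-only user access to one
# database from one known host instead of exposing root remotely.
print_hardening_sql() {  # $1 = application host IP (placeholder), $2 = database name (placeholder)
    cat <<EOF
ALTER USER 'root'@'localhost' IDENTIFIED BY '<strong-unique-root-password>';
CREATE USER 'app_reader'@'$1' IDENTIFIED BY '<strong-unique-app-password>';
GRANT SELECT ON $2.* TO 'app_reader'@'$1';
FLUSH PRIVILEGES;
EOF
}

# Firewall counterpart (ufw, rules are matched in order): allow 3306 only from the
# known application host, deny it for everyone else.
#   ufw allow from 203.0.113.10 to any port 3306 proto tcp
#   ufw deny 3306/tcp
```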
4. Skills Gained
- MySQL/MariaDB remote enumeration
- Basic SQL queries for data extraction
- Identifying unauthenticated root access
- Troubleshooting connection issues using client flags