Az - MySQL Databases

Reading time: 6 minutes

tip

Jifunze na fanya mazoezi ya AWS Hacking:HackTricks Training AWS Red Team Expert (ARTE)
Jifunze na fanya mazoezi ya GCP Hacking: HackTricks Training GCP Red Team Expert (GRTE) Jifunze na fanya mazoezi ya Azure Hacking: HackTricks Training Azure Red Team Expert (AzRTE)

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

Azure MySQL

Azure Database for MySQL ni huduma ya hifadhidata ya uhusiano inayosimamiwa kikamilifu inayotegemea MySQL Community Edition, iliyoundwa kutoa upanuzi, usalama, na kubadilika kwa mahitaji mbalimbali ya programu. Ina mifano miwili tofauti ya kutekeleza:

Single Server (iko kwenye njia ya kustaafu):

Imeboreshwa kwa ajili ya kutekeleza MySQL kwa gharama nafuu na rahisi kusimamia.
Vipengele vinajumuisha nakala za kiotomatiki, upatikanaji wa juu, na ufuatiliaji wa msingi.
Inafaa kwa programu zenye mzigo unaoweza kutabiriwa.

Flexible Server:

Inatoa udhibiti zaidi juu ya usimamizi wa hifadhidata na usanidi.
Inasaidia upatikanaji wa juu (same-zone na zone-redundant).
Vipengele vinajumuisha upanuzi wa elastic, usimamizi wa patch, na kuboresha mzigo.
Inatoa kazi ya kusitisha/kuzindua kwa ajili ya akiba ya gharama.

Key Features

Server Management: Kipengele cha ad-admin kinaruhusu kusimamia wasimamizi wa Azure Entra ID kwa seva za MySQL, kikitoa udhibiti juu ya ufikiaji wa kiutawala kupitia akreditivu za Entra ID. Mysql inasaidia User Managed Identities, inayotumika kuthibitisha bila haja ya akreditivu, na inaweza kutumika na huduma nyingine.
Lifecycle Management: chaguzi za kuanzisha au kusitisha seva, kufuta mfano wa seva ya kubadilika, kuanzisha tena seva ili haraka kutekeleza mabadiliko ya usanidi, na kusubiri kuhakikisha seva inakidhi masharti maalum kabla ya kuendelea na scripts za automatisering.
Security and Networking: Linda seva yako kwa kupunguza mawasiliano kupitia sheria za firewall ambazo zinaruhusu tu anwani maalum za IP za umma, au kwa kutumia mwisho wa kibinafsi ambao unashirikisha seva yako katika mtandao wa virtual. Mawasiliano yote yanahifadhiwa kwa usalama kwa kutumia TLS 1.2 encryption. Hifadhidata, nakala za akiba, na kumbukumbu zinahifadhiwa kwa usalama kwa kutumia funguo zinazosimamiwa na huduma au funguo za kawaida.
Data Protection and Backup: inajumuisha chaguzi za kusimamia nakala za akiba za seva ya kubadilika kwa ajili ya urejeleaji wa data, kufanya geo-restore ili kurejesha seva katika eneo tofauti, kusafirisha nakala za akiba za seva kwa matumizi ya nje (katika Preview), na kurejesha seva kutoka kwa akiba hadi wakati maalum.

Enumeration

bash

# List all flexible-servers
az mysql flexible-server db list --resource-group <resource-group-name>
# List databases in a flexible-server
az mysql flexible-server db list --resource-group <resource-group-name> --server-name <server_name>
# Show specific details of a MySQL database
az mysql flexible-server db show --resource-group <resource-group-name> --server-name <server_name> --database-name <database_name>

# List firewall rules of the a server
az mysql flexible-server firewall-rule list --resource-group <resource-group-name> --name <server_name>

# List all ad-admin in a server
az mysql flexible-server ad-admin list --resource-group <resource-group-name> --server-name <server_name>
# List all user assigned managed identities from the server
az mysql flexible-server identity list --resource-group <resource-group-name> --server-name <server_name>

# List the server backups
az mysql flexible-server backup list --resource-group <resource-group-name> --name <server_name>
# List all read replicas for a given server
az mysql flexible-server replica list --resource-group <resource-group-name> --name <server_name>

# Get the server's advanced threat protection setting
az mysql flexible-server advanced-threat-protection-setting show --resource-group <resource-group-name> --name <server_name>
# List all of the maintenances of a flexible server
az mysql flexible-server maintenance list --resource-group <resource-group-name> --server-name <server_name>
# List log files for a server.
az mysql flexible-server server-logs list --resource-group <resource-group-name> --server-name <server_name>

bash

Get-Command -Module Az.MySql

# Get all flexible servers in a resource group
Get-AzMySqlFlexibleServer -ResourceGroupName <resource-group-name>

# List databases in a specific flexible server
Get-AzMySqlFlexibleServerDatabase -ResourceGroupName <resource-group-name> -ServerName <server_name>

# Get details of a specific database in a flexible server
Get-AzMySqlFlexibleServerDatabase -ResourceGroupName <resource-group-name> -ServerName <server_name> -DatabaseName <database_name>

# List all firewall rules for a flexible server
Get-AzMySqlFlexibleServerFirewallRule -ResourceGroupName <resource-group-name> -ServerName <server_name>

# Get the identity information of a flexible server
Get-AzMySqlFlexibleServerIdentity -ResourceGroupName <resource-group-name> -ServerName <server_name>

# Get the server's advanced threat protection setting
Get-AzMySqlFlexibleServerAdvancedThreatProtection -ResourceGroupName <resource-group-name> -ServerName <server_name>

# List configuration settings of a flexible server
Get-AzMySqlFlexibleServerConfiguration -ResourceGroupName <resource-group-name> -ServerName <server_name>
# Get the connection string for a flexible server
Get-AzMySqlFlexibleServerConnectionString -ResourceGroupName <resource-group-name> -ServerName <server_name> -Client <client>

# List all read replicas for a given server
Get-AzMySqlFlexibleServerReplica -ResourceGroupName <resource-group-name> -ServerName <server_name>

# Get the maintenance window details for a flexible server
Get-AzMySqlFlexibleServerMaintenanceWindow -ResourceGroupName <resource-group-name> -ServerName <server_name>

# List log files for a server
Get-AzMySqlFlexibleServerLog -ResourceGroupName <resource-group-name> -ServerName <server_name>

Connection

Kwa nyongeza rdbms-connect unaweza kufikia database kwa:

bash

az mysql flexible-server connect -n <server-name> -u <username> -p <password> --interactive

#or execute commands
az mysql flexible-server execute \
-n <server-name> \
-u <username> \
-p "<password>" \
-d <database-name> \
--querytext "SELECT * FROM <table-name>;"

Au kwa kutumia nyongeza ya asili ya MySQL

bash

mysql -h <server-name>.mysql.database.azure.com -P 3306 -u <username> -p

Pia unaweza kutekeleza maswali na github lakini nenosiri na mtumiaji pia vinahitajika. Unahitaji kuandaa faili ya sql yenye swali la kutekeleza na kisha:

bash

# Setup
az mysql flexible-server deploy setup \
-s <server-name> \
-g <resource-group> \
-u <admin-user> \
-p "<admin-password>" \
--sql-file <path-to-sql-file> \
--repo <github-username/repository-name> \
--branch <branch-name> \
--action-name <action-name> \
--allow-push

# Run it
az mysql flexible-server deploy run \
--action-name <action-name> \
--branch <branch-name>

Kuinua Mamlaka

Az - MySQL Privesc

Baada ya Kutekeleza

Az - MySQL Post Exploitation

Kufanya

Angalia njia ya kupata ufikiaji na mysql flexible-server ad-admin ili kuthibitisha ni njia ya kuinua mamlaka

tip

Support HackTricks

Angalia mpango wa usajili!
Jiunge na 💬 kikundi cha Discord au kikundi cha telegram au tufuatilie kwenye Twitter 🐦 @hacktricks_live.
Shiriki mbinu za hacking kwa kuwasilisha PRs kwa HackTricks na HackTricks Cloud repos za github.

HackTricks Cloud