SQL Fundamentals - Tryhackme writeup / walkthrough
Task 1 - Introduction
Q1. Teach me the basics of SQL!
No Answer Needed
Task 2 - Databases 101
Q1. What type of database should you consider using if the data you're going to be storing will vary greatly in its format?
Answer š Non-relational database
Q2. What type of database should you consider using if the data you're going to be storing will reliably be in the same structured format?
Answer š relational database
Q3. In our example, once a record of a book is inserted into our "Books" table, it would be represented as a ___ in that table?
Answer š row
Q4. Which type of key provides a link from one table to another?
Answer š foreign key
Q5. which type of key ensures a record is unique within a table?
Answer š primary key
Task 3 - SQL
Q1. What serves as an interface between a database and an end user?
Answer š DBMS
Q2. What query language can be used to interact with a relational database?
Answer š SQL
Task 4 - Database and Table Statements
Q1. Using the statement you've learned to list all databases, it should reveal a database with a flag for a name; what is it?
- As you read , run the query
show databases;to list out all the databases. - Flage is the name of first database.
Answer š THM{575a947132312f97b30ee5aeebba629b723d30f9}
Q2. In the list of available databases, you should also see the task_4_db database. Set this as your active database and list all tables in this database; what is the flag present here?
- Now this time we have to list out all tha tables of task_4_db table.
- Select the database in which are going to search using
use task_4_db;query. - Now list out all the tables using
show tables;query.
Answer š THM{692aa7eaec2a2a827f4d1a8bed1f90e5e49d2410}
Task 5 - CRUD Operations
Q1. Using the tools_db database, what is the name of the tool in the hacking_tools table that can be used to perform man-in-the-middle attacks on wireless networks?
Answer š Wi-Fi Pineapple
Q2. Using the tools_db database, what is the shared category for both USB Rubber Ducky and Bash Bunny?
Answer š USB attacks
Task 6 - Clauses
Q1. Using the tools_db database, what is the total number of distinct categories in the hacking_tools table?
Answer š 6
Q2. Using the tools_db database, what is the first tool (by name) in ascending order from the hacking_tools table?
Answer š Bash Bunny
Q3. Using the tools_db database, what is the first tool (by name) in descending order from the hacking_tools table?
Answer š Wi-Fi Pineapple
Task 7 - Operators
Q1. Using the tools_db database, which tool falls under the Multi-tool category and is useful for pentesters and geeks?
SELECT name FROM hacking_tools WHERE category = "Multi-tool" AND description LIKE "%pentesters%";
Answer š Flipper Zero
Q2. Using the tools_db database, what is the category of tools with an amount greater than or equal to 300?
SELECT category FROM hacking_tools where amount >= 300;
Answer š RFID cloning
Q3. Using the tools_db database, which tool falls under the Network intelligence category with an amount less than 100?
SELECT name FROM hacking_tools WHERE category = "Network intelligence" AND amount < 100;
Answer š Lan Turtle
Task 8 - Functions
Q1. Using the tools_db database, what is the tool with the longest name based on character length?
select name from hacking_tools order by length(name) desc;
Answer š USB Rubber Ducky
Q2. Using the tools_db database, what is the total sum of all tools?
Select SUM(amount) AS total FROM hacking_tools;
Answer š 1444
Q3. Using the tools_db database, what are the tool names where the amount does not end in 0, and group the tool names concatenated by " & ".
select GROUP_CONCAT(name SEPARATOR ' & ') AS groupped from hacking_tools where amount % 10 <> 0;
Answer š Flipper Zero & iCopy-XS
Task 9 - Conclusion
Q1. I'm ready to move forward and learn more about web application security.
No Answer Needed