Casandra DB Pentest - Port 9042

 

Install Cqlsh
sudo apt update
sudo apt install openjdk-8-jdk
sudo apt install apt-transport-https
wget -q -O - https://www.apache.org/dist/cassandra/KEYS | sudo apt-key add -
sudo sh -c 'echo "deb http://www.apache.org/dist/cassandra/debian 311x main" > /etc/apt/sources.list.d/cassandra.list'
sudo apt update
sudo apt install cassandra

Commands to Get Data 
sudo cqlsh 10.10.10.10

#List DB
SELECT keyspace_name FROM system.schema_keyspaces;
SELECT * FROM system.schema_keyspaces ;

#select DB 
use DB_NAME;
 use system_auth;

#list tables from databsae/keyspace system
SELECT columnfamily_name FROM system.schema_columnfamilies WHERE keyspace_name ='system';
 
#list tables and columns
SELECT column_name, type, validator FROM system.schema_columns WHERE keyspace_name = 'system_auth' AND columnfamily_name = 'roles';
 
#list DB hashes
 SELECT * from system_auth.roles

Ref: Configuring firewall port access | Apache Cassandra 3.0 (datastax.com) 

Public port
Port number.
Description
22
SSH port
Cassandra inter-node ports
Port number.
Description
7000
Cassandra inter-node cluster communication.
7001
Cassandra SSL inter-node cluster communication.
7199
Cassandra JMX monitoring port.
Cassandra client ports
Port number.
Description
9042
Cassandra client port.
9160
Cassandra client port (Thrift).
9142
Default for native_transport_port_ssl, useful when both encrypted and unencrypted connections are required