Database
The Database namespace allows mods to create and manage in-game databases. These databases are used by tools like sqlmap and the DatabaseManager app.
Required permission: network
Import
import { Database } from "@hotbunny/hackhub-content-sdk";Methods
Database.create(definition)
Create a new database. Returns the database ID.
| Parameter | Type | Description |
|---|---|---|
definition.host | string | Host IP the database is attached to |
definition.user | string | Database username |
definition.password | string | Database password |
definition.tables | Record<string, DatabaseRowDefinition[]> | Tables with rows |
const dbId = Database.create({
host: "10.40.0.12",
user: "admin",
password: "db_secret",
tables: {
users: [
{
id: { value: 1, type: "number" },
username: { value: "admin", type: "string" },
email: { value: "[email protected]", type: "string" },
password: { value: "hash_abc123", type: "string" },
},
{
id: { value: 2, type: "number" },
username: { value: "john", type: "string" },
email: { value: "[email protected]", type: "string" },
password: { value: "hash_456def", type: "string" },
},
],
sessions: [
{
token: { value: "abc123", type: "string" },
user_id: { value: 1, type: "number" },
},
],
},
});Database.remove(id)
Remove a database by its ID.
Database.remove(dbId);Database.addTable(databaseId, tableName, rows)
Add a new table to an existing database.
Database.addTable(dbId, "logs", [
{ timestamp: { value: 1700000000, type: "number" }, action: { value: "login", type: "string" } },
]);Database.addRow(databaseId, tableName, row)
Add a row to an existing table.
Database.addRow(dbId, "users", {
id: { value: 3, type: "number" },
username: { value: "newuser", type: "string" },
email: { value: "[email protected]", type: "string" },
password: { value: "hash_789ghi", type: "string" },
});Database.getAll()
Get summary info of all databases.
Returns: DatabaseInfo[]
Database.getByHost(host)
Find a database by its host IP.
Returns: DatabaseInfo | null
const db = Database.getByHost("10.40.0.12");
// { id: "...", host: "10.40.0.12", user: "admin", tables: ["users", "sessions"] }Database.getTableNames(databaseId)
List the table names in a database. Returns an empty array if the database is unknown.
Returns: string[]
Database.getTable(databaseId, tableName)
Read all rows of a table (a deep copy — mutating it won't affect the live database).
Returns: DatabaseRowDefinition[] | null
const rows = Database.getTable(dbId, "users");
rows?.forEach(row => console.log(row.username.value));Database.getRow(databaseId, tableName, rowIndex)
Read a single row by its index.
Returns: DatabaseRowDefinition | null
Database.getSchema(databaseId, tableName)
Read a table's column schema (name + value type), inferred from its rows.
Returns: DatabaseColumnInfo[] | null
const schema = Database.getSchema(dbId, "users");
// [{ name: "id", type: "number" }, { name: "username", type: "string" }, ...]Database.setTable(databaseId, tableName, rows)
Replace (or create) an entire table's rows in one shot.
Database.setTable(dbId, "users", [
{ id: { value: 1, type: "number" }, username: { value: "root", type: "string" } },
]);Database.updateCell(databaseId, tableName, rowIndex, column, value)
Update a single cell's value in an existing row.
Database.updateCell(dbId, "users", 0, "username", "superadmin");Database.updateRow(databaseId, tableName, rowIndex, row)
Replace an entire row at the given index.
Database.updateRow(dbId, "users", 0, {
id: { value: 1, type: "number" },
username: { value: "root", type: "string" },
});Database.deleteRow(databaseId, tableName, rowIndex)
Delete a row by its index.
Database.deleteRow(dbId, "users", 2);Database.dropTable(databaseId, tableName)
Drop (remove) a whole table from a database.
Database.dropTable(dbId, "sessions");Usage with sqlmap
For sqlmap to work on a target, you need:
- A subnet with
domain.vulnerabilitiescontainingSQL_INJECTION - An active MariaDB port (3306) on the router
- A database entry matching the subnet host
import { Network, Database } from "@hotbunny/hackhub-content-sdk";
// 1. Set vulnerability on the target
Network.setVulnerabilities("10.40.0.12", [{ type: "SQL_INJECTION" }]);
// 2. Ensure port 3306 is open (set during network creation or via openPort)
Network.openPort("104.16.0.1", 3306);
// 3. Create the database
Database.create({
host: "10.40.0.12",
user: "root",
password: "mysql_pass",
tables: {
users: [
{ id: { value: 1, type: "number" }, username: { value: "admin", type: "string" } },
],
},
});Types
DatabaseDefinition
interface DatabaseDefinition {
host: string;
user: string;
password: string;
tables: { [tableName: string]: DatabaseRowDefinition[] };
}DatabaseRowDefinition
interface DatabaseRowDefinition {
[column: string]: DatabaseCellDefinition;
}DatabaseCellDefinition
interface DatabaseCellDefinition {
value: string | number;
type: "string" | "number";
editable?: boolean;
maxLength?: number;
}DatabaseInfo
interface DatabaseInfo {
id: string;
host: string;
user: string;
tables: string[];
}DatabaseColumnInfo
interface DatabaseColumnInfo {
name: string;
type: "string" | "number";
}