Merge pull request #755 from n3rada/patch-1

PostgreSQL privilege list update
This commit is contained in:
Swissky 2024-11-07 18:42:46 +01:00 committed by GitHub
commit ffa5ea764a
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -76,9 +76,14 @@ SELECT usename, passwd FROM pg_shadow
SELECT usename FROM pg_user WHERE usesuper IS TRUE SELECT usename FROM pg_user WHERE usesuper IS TRUE
``` ```
## PostgreSQL List Privileges ## PostgreSQL List Privileges
Gather information from the [`pg_user`](https://www.postgresql.org/docs/current/view-pg-user.html) table:
```sql ```sql
SELECT usename, usecreatedb, usesuper, usecatupd FROM pg_user SELECT * FROM pg_user
```
Retrieve all table-level privileges for the current user, excluding tables in system schemas like `pg_catalog` and `information_schema`:
```sql
SELECT * FROM information_schema.role_table_grants WHERE grantee = current_user AND table_schema NOT IN ('pg_catalog', 'information_schema');
``` ```
## PostgreSQL Check if Current User is Superuser ## PostgreSQL Check if Current User is Superuser
@ -277,4 +282,4 @@ SELECT $TAG$This is another string$TAG$
- [Postgres SQL Injection Cheat Sheet - @pentestmonkey - August 23, 2011](http://pentestmonkey.net/cheat-sheet/sql-injection/postgres-sql-injection-cheat-sheet) - [Postgres SQL Injection Cheat Sheet - @pentestmonkey - August 23, 2011](http://pentestmonkey.net/cheat-sheet/sql-injection/postgres-sql-injection-cheat-sheet)
- [PostgreSQL 9.x Remote Command Execution - dionach - October 26, 2017](https://www.dionach.com/blog/postgresql-9-x-remote-command-execution/) - [PostgreSQL 9.x Remote Command Execution - dionach - October 26, 2017](https://www.dionach.com/blog/postgresql-9-x-remote-command-execution/)
- [SQL Injection /webApp/oma_conf ctx parameter - Sergey Bobrov (bobrov) - December 8, 2016](https://hackerone.com/reports/181803) - [SQL Injection /webApp/oma_conf ctx parameter - Sergey Bobrov (bobrov) - December 8, 2016](https://hackerone.com/reports/181803)
- [SQL Injection and Postgres - An Adventure to Eventual RCE - Denis Andzakovic - May 5, 2020](https://pulsesecurity.co.nz/articles/postgres-sqli) - [SQL Injection and Postgres - An Adventure to Eventual RCE - Denis Andzakovic - May 5, 2020](https://pulsesecurity.co.nz/articles/postgres-sqli)