slight syntax updates to md

GSoC/Meterpreter_Web_Console
h00die 2018-08-23 21:34:48 -04:00
parent 809a15541c
commit a866bdd09d
1 changed files with 11 additions and 6 deletions

View File

@ -1,16 +1,21 @@
## Description
This module is used to access the password hashes in use within a PostgreSQL database. This occurs via the PostgreSQL API, which by default runs on port 5432. Access to the `pg_shadow` system catalog is usually restricted to database superusers only.
This module is used to access the password hashes in use within a PostgreSQL database.
This occurs via the PostgreSQL API, which by default runs on port 5432.
Access to the `pg_shadow` system catalog is usually restricted to database superusers only.
## Vulnerable Application
### Installation of PostgreSQL on Kali Linux:
While many versions of Kali Linux come with a PostgreSQL installation out of the box, in the event that you are using a containerized Kali Linux or other minimal installation, installation and setup of PostgreSQL is required
While many versions of Kali Linux come with a PostgreSQL installation out of the box, in the event that you
are using a containerized Kali Linux or other minimal installation, installation and setup of PostgreSQL is required.
The following instructions assume you are beginning with a fresh Kali installation as the root user.
1. `apt-get update`
2. `apt-get install postgresql`
3. `systemctl start postgresql`
At this point, PostgreSQL is installed and the installation has created the necessary user accounts to run the server. This is where most users would begin the verification process. At this point, we'll setup a user account for use within the `postgres_hashdump` module
At this point, PostgreSQL is installed and the installation has created the necessary user accounts to run the server.
This is where most users would begin the verification process. At this point, we'll setup a user account for use within the `postgres_hashdump` module
4. `sudo --login --user postgres`
5. `psql`
@ -22,8 +27,7 @@ At this point, PostgreSQL is installed and the installation has created the nece
3. `set RPORT [port]`
4. `set USERNAME [username]`
5. `set PASSWORD [password]`
4. `run`
6. `run`
## Scenarios
### PostgreSQL 10.4 on Kali Linux
@ -50,7 +54,8 @@ msf auxiliary(scanner/postgres/postgres_hashdump) > run
## Confirming
### [postgresql](https://www.postgresql.org/docs/8.3/static/view-pg-shadow.html)
```
```
# sudo --login --user postgres psql
psql (10.4 (Debian 10.4-2))
Type "help" for help.