Database - Techno Herder

Database Hacking 101

GaussDB Database Review

by TechnoHerder : July 15, 2023July 15, 2023 5 Comments

Walkthrough of the checks for a security review of a GaussDB database.

Database Network Attack

1433 – MSSQL – TCP

by TechnoHerder : May 17, 2023 Leave a comment

Various notes ranging from enumeration to building reverse shells for exploiting Microsoft SQL Server, MSSQL.

Database Pentest

MySQL – 3306 – TCP

by TechnoHerder : October 13, 2022April 1, 2023 Leave a comment

Common Commands Interesting Files Encoding Create, Read, or Update Files SQL Injection Payloads Basic Version Name from __Auth Collation Name Column Names Name and Reset Token Code Review Searching sucks in JD-GUI, so save the decompiled code for Notepad++. In JD-GUI, File > Save All Sources menu. Then open Notepad++ and use the ‘Find in […]

Database Network Attack

PostgreSQL – 5432 – TCP

by TechnoHerder : October 12, 2022April 1, 2023 Leave a comment

Login into postgres -U user-h host-d database \l – list databases\c [DataNase Name] – connect to database\dt – list datatables\q – quit/exit program\du – list users List of roles Role name Attributes postgres Superuser, Create role, Create DB, Replication, Bypass RLS webapp Superuser SELECT current_setting(‘is_superuser’); Auth Trust Open the file […]