From 7432ca36838742dc33d23126473c3a3cd60eedbf Mon Sep 17 00:00:00 2001 From: CPol Date: Tue, 8 Nov 2022 23:13:00 +0000 Subject: [PATCH] GitBook: [#3658] No subject --- .../pentesting-postgresql.md | 95 ++++++++++--------- 1 file changed, 49 insertions(+), 46 deletions(-) diff --git a/network-services-pentesting/pentesting-postgresql.md b/network-services-pentesting/pentesting-postgresql.md index 3a8338de..dc4ee8f4 100644 --- a/network-services-pentesting/pentesting-postgresql.md +++ b/network-services-pentesting/pentesting-postgresql.md @@ -64,6 +64,9 @@ SELECT lanname,lanacl FROM pg_language; # Show installed extensions SHOW rds.extensions; + +# Get history of commands executed +\s ``` For more information about **how to abuse a PostgreSQL database** check: 
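Review bot: the new `\s` line in this hunk is a psql meta-command, not SQL, and the comment "# Get history of commands executed" reads as if it returned something from the server. `\s` only prints the local psql client's readline history (the contents of `~/.psql_history`; `\s FILENAME` writes it to a file), so it works only in an interactive psql session and shows nothing for statements issued by other clients or through an injection point. Suggest rewording the comment to make the scope explicit, e.g. `# psql client command history (\s is a psql meta-command; reads ~/.psql_history, not server-side)`, and noting that with a shell on the host the same file can simply be read directly.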
@@ -81,6 +84,52 @@ msf> use auxiliary/scanner/postgres/postgres_dbname_flag_injection ### [**Brute force**](../generic-methodologies-and-resources/brute-force.md#postgresql) +### **Port scanning** + +According to [**this research**](https://www.exploit-db.com/papers/13084), when a connection attempt fails, `dblink` throws an `sqlclient_unable_to_establish_sqlconnection` exception including an explanation of the error. Examples of these details are listed below. + +```sql +SELECT * FROM dblink_connect('host=1.2.3.4 + port=5678 + user=name + password=secret + dbname=abc + connect_timeout=10'); +``` + +* Host is down + +`DETAIL: could not connect to server: No route to host Is the server running on host "1.2.3.4" and accepting TCP/IP connections on port 5678?` + +* Port is closed + +``` +DETAIL: could not connect to server: Connection refused Is the server +running on host "1.2.3.4" and accepting TCP/IP connections on port 5678? +``` + +* Port is open + +``` +DETAIL: server closed the connection unexpectedly This probably means +the server terminated abnormally before or while processing the request +``` + +or + +``` +DETAIL: FATAL: password authentication failed for user "name" +``` + +* Port is open or filtered + +``` +DETAIL: could not connect to server: Connection timed out Is the server +running on host "1.2.3.4" and accepting TCP/IP connections on port 5678? +``` + +Unfortunately, there does not seem to be a way of getting the exception details within a PL/pgSQL function. But you can get the details if you can connect directly to the PostgreSQL server. If it is not possible to get usernames and passwords directly out of the system tables, the wordlist at- tack described in the previous section might prove successful. + ## Enumeration of Privileges ### Roles 
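Review bot: the moved block is copied verbatim, which carries two problems that should be fixed while it is being touched. First, "wordlist at- tack" is a line-break hyphenation artifact from the source paper and should read "wordlist attack"; with the section now placed right after Brute force, "described in the previous section" at least resolves correctly. Second, "there does not seem to be a way of getting the exception details within a PL/pgSQL function" is stale: inside an `EXCEPTION WHEN OTHERS THEN` handler PL/pgSQL can read them with `GET STACKED DIAGNOSTICS detail = PG_EXCEPTION_DETAIL;` (available since PostgreSQL 9.2), which also lets the scan be automated in a loop over hosts and ports instead of one manual `dblink_connect` per port. A caveat next to the query would also help: `dblink_connect` requires the dblink extension (`CREATE EXTENSION dblink`), and non-superusers must include a password in the connection string or dblink rejects the call (password-less connections need superuser or `dblink_connect_u`), so the `password=secret` parameter in the example is not optional for a low-privileged user.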
@@ -192,52 +241,6 @@ ORDER BY routines.routine_name, parameters.ordinal_position; SELECT * FROM pg_proc; ``` -### **Port scanning** - -According to [**this research**](https://www.exploit-db.com/papers/13084), when a connection attempt fails, `dblink` throws an `sqlclient_unable_to_establish_sqlconnection` exception including an explanation of the error. Examples of these details are listed below. - -```sql -SELECT * FROM dblink_connect('host=1.2.3.4 - port=5678 - user=name - password=secret - dbname=abc - connect_timeout=10'); -``` - -* Host is down - -`DETAIL: could not connect to server: No route to host Is the server running on host "1.2.3.4" and accepting TCP/IP connections on port 5678?` - -* Port is closed - -``` -DETAIL: could not connect to server: Connection refused Is the server -running on host "1.2.3.4" and accepting TCP/IP connections on port 5678? -``` - -* Port is open - -``` -DETAIL: server closed the connection unexpectedly This probably means -the server terminated abnormally before or while processing the request -``` - -or - -``` -DETAIL: FATAL: password authentication failed for user "name" -``` - -* Port is open or filtered - -``` -DETAIL: could not connect to server: Connection timed out Is the server -running on host "1.2.3.4" and accepting TCP/IP connections on port 5678? -``` - -Unfortunately, there does not seem to be a way of getting the exception details within a PL/pgSQL function. But you can get the details if you can connect directly to the PostgreSQL server. If it is not possible to get usernames and passwords directly out of the system tables, the wordlist at- tack described in the previous section might prove successful. - ## **Postgres Privesc** ### CREATEROLE Privesc
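Review bot: this hunk only deletes the block that the previous hunk re-adds under Brute force, so the patch is a pure move with no content change; the context lines show `## **Postgres Privesc**` now follows the `SELECT * FROM pg_proc;` fence with a single blank line, which is correct. The "at- tack" hyphenation is removed here unchanged, so the wording fix belongs in the added copy, not in this hunk.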