sqlmapproject / udfhack Goto Github PK
View Code? Open in Web Editor NEWDatabase takeover UDF repository
Database takeover UDF repository
If you get this error on Kali or debian based systems:
lib_postgresqludf_sys.c:34:10: fatal error: postgres.h: No such file or directory
34 | #include <postgres.h>
| ^~~~~~~~~~~~
compilation terminated.
Need to install postgres dev package.
Run the following where "XXX" is the version available to install from apt:
sudo apt-cache search postgresql-server-dev
sudo apt install postgresql-server-dev-XXX
Also run the following to locate where the file is after install
find / -name "postgres.h" -print 2>/dev/null
I would like to understand what is going on here. I've compiled and created the functions inside my database but for my propose it is not working. I would like to trigger a function to run a php script but it won't work here. Running my php script over terminal it works but calling sys_eval or sys_exec not.
For example:
$ psql -h 127.0.0.1 -p 5432 -U root
root-# select sys_exec('/usr/bin/php5 -e "/var/www/html/project/web/do_jobs.php" "/bin/cp /home/cassiano/Desktop/index.html /home/cassiano/"');
sys_exec
----------
0
(1 row)
And my test don't work, the php receive a parameter to run a system command and do others stuff. Running in shell the script works well.
When I run:
root=# select sys_eval('echo $UID');
sys_eval
----------
(1 row)
But in shell:
$ echo $UID
1000
It returns '1000'.
Another example: in shell and in sys_eval it returns the same result:
$ id
uid=1000(cassiano) gid=1000(cassiano) groups=1000(cassiano),4(adm),24(cdrom),27(sudo),30(dip),46(plugdev),108(lpadmin),124(sambashare)
root=# select sys_eval('id');
sys_eval
------------------------------------------------------------------------
uid=118(postgres) gid=128(postgres) groups=128(postgres),107(ssl-cert)
(1 row)
Is it something that I'm doing wrong?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.