Questions about this topic? Sign up to ask in the talk tab.

SQL injection/Target Environments/Mapping/PostgreSQL

From NetSec
Jump to: navigation, search
back to SQL injection


PostgreSQL has the current_database() function in stead of the database() function.

  • \dn equivalent:
SELECT schema_name FROM information_schema.schemata WHERE catalog_name=[DATABASE name]
  • \dt equivalent:
SELECT TABLE_NAME FROM information_schema.tables table_type='BASE TABLE' AND table_schema=([schema_query]) AND catalog_name=[DATABASE name]
  • \d [column_name] equivalent:
SELECT column_name FROM information_schema.columns WHERE TABLE_NAME=([table_query]) AND table_schema=([schema_query]) AND catalog_name=[database_name]