← Back to search

PostgreSQL RCE / Reverse Shell

exploitationtool

Summary

Use the squid22 PostgreSQL_RCE script to turn authenticated PostgreSQL access (superuser COPY ... PROGRAM) into command execution and a reverse shell.

Walkthrough

With superuser access to PostgreSQL, the COPY ... TO/FROM PROGRAM feature allows arbitrary command execution, which this script automates into a reverse shell.

Steps

  1. Clone the PostgreSQL_RCE helper and point it at the target DB with valid credentials.
  2. Run it with a listener ready to receive the reverse shell.

Commands

bash

git clone https://github.com/squid22/PostgreSQL_RCE