Solving From SQL injection to Shell III: PostgreSQL Edition

This exercise covers how to gain access to an administration interface using SQL injection followed by how to get command execution using Ghostscript

PRO

content

MEDIUM

Difficulty

Between 2 and 4 hours

on average

32

Completed this exercise

Common Mistakes:

Make sure you replace the full netcat command with the score command followed by your UUID: /usr/local/bin/score ....

Online access to this exercise is only available with PentesterLab PRO

Learn more about PentesterLab PRO