PostgreSQL

Demonstration of sqlmap command execution features: sqlmap is launched against a PHP test page hosted on a Debian GNU/Linux 5.0 server with back-end database management system being PostgreSQL 8.4. The tool is instructed to identify possible SQL injections and exploit them by executing a command on the database server operating system. sqlmap first uploads a dynamic-linked library (DLL) used to create two user-defined functions (sys_exec() and sys_eval()) in the database. Then it asks the user if he wants to retrieve the command standard output. If the answer is positive, sqlmap executes the command once and stores its standard output in a support table. Either boolean-based blind SQL injection or UNION query SQL injection technique is used to dump the entry of this table and delete it afterwards. This technique is also implemented for MySQL. On Microsoft SQL Server, xp_cmdshell extended stored procedure is used to execute commands on the underlying operating system. sqlmap, sqlmap.sourceforge.net, is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. It comes with a broad range of features lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

A detailed look at how to implement asynchronous, master-slave replication in PostgreSQL using Slony-I, along with analysis of how this differs from using PGCluster for replication.

After nearly one month testing, we finally sent out pgpool-II 3.0 to the door on September 10, 2010. On that day SRA OSS, Inc. ...

- Installer les dependances necessaire a la compilation : - Telecharger les sources sur http://pgpool.projects.postgresql.org/ puis les decompresser - (Pad's Blog: Compiler pgpool II 3.0.1 sous Debian http://bit.ly/eQztca pgpool)

I did a little bit of work Tuesday night and Wednesday profiling PostgreSQL.  I ran two different tests.  The first ...

Run an efficient PostgreSQL database using Packt's new book. PostgreSQL 9.0 Administration Cookbook is a new book from Packt which offers the information the readers need to manage their live production databases on PostgreSQL. - PR11116012 (Run an efficient PostgreSQL database using Packt's new book: PRLog (Press Release) – Dec 01, 2010 – PostgreSQL 9... http://bit.ly/hGkPvt)

Life at a belgian navigation startup (Move a PostgreSQL database to a different tablespace | Routing Life: SELECT * FROM "pg_tables"; http://bit.ly/hOHqXw)

I have written a tutorial to pgpool-II using PostgreSQL 9.0's streaming replication. The tutorial is designed to use minimum ...

You certainly know that implementing dynamic triggers in PLpgSQL is
impossible. But I had a very bad night, being up from as ...