Pgadmin on Sitihttps://siti.pages.dev/tags/pgadmin/Recent content in Pgadmin on SitiHugoidMon, 23 Feb 2026 00:00:00 +0000Exposed Database Panels: Adminer, phpMyAdmin & pgAdminhttps://siti.pages.dev/docs/exposed-db-panels/Mon, 23 Feb 2026 00:00:00 +0000https://siti.pages.dev/docs/exposed-db-panels/<h2 id="daftar-isi">Daftar Isi</h2> <ul> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#bab-1--menemukan-panel-yang-terekspos">Bab 1 — Menemukan Panel yang Terekspos</a> <ul> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#11-apa-itu-adminer--phpmyadmin">1.1 Apa itu Adminer &amp; phpMyAdmin</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#12-mengapa-sering-terekspos">1.2 Mengapa Sering Terekspos</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#13-dorking-google">1.3 Dorking: Google</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#14-dorking-shodan">1.4 Dorking: Shodan</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#15-dorking-fofa--censys--zoomeye">1.5 Dorking: FOFA / Censys / ZoomEye</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#16-nuclei-templates">1.6 Nuclei Templates</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#17-manual-discovery-via-path-bruteforce">1.7 Manual Discovery via Path Bruteforce</a></li> </ul> </li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#bab-2--eksploitasi-adminer">Bab 2 — Eksploitasi Adminer</a> <ul> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#21-versi--kerentanan">2.1 Versi &amp; Kerentanan</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#22-default--weak-credentials">2.2 Default / Weak Credentials</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#23-cve-2021-21311--ssrf">2.3 CVE-2021-21311 — SSRF</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#24-adminer-file-read-rogue-mysql-server">2.4 Adminer File Read (Rogue MySQL Server)</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#25-login-tanpa-password-mysql-empty-root">2.5 Login tanpa Password (MySQL Empty Root)</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#26-post-login-database-ke-shell">2.6 Post-Login: Database ke Shell</a></li> </ul> </li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#bab-3--eksploitasi-phpmyadmin">Bab 3 — Eksploitasi phpMyAdmin</a> <ul> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#31-versi--kerentanan">3.1 Versi &amp; Kerentanan</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#32-default--weak-credentials">3.2 Default / Weak Credentials</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#33-cve-2018-12613--local-file-inclusion">3.3 CVE-2018-12613 — Local File Inclusion</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#34-cve-2016-5734--rce-via-preg_replace">3.4 CVE-2016-5734 — RCE via preg_replace</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#35-post-login-sql-query-ke-webshell">3.5 Post-Login: SQL Query ke Webshell</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#36-post-login-select-into-outfile">3.6 Post-Login: SELECT INTO OUTFILE</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#37-post-login-general-log-trick">3.7 Post-Login: General Log Trick</a></li> </ul> </li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#bab-4--post-exploitation">Bab 4 — Post-Exploitation</a> <ul> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#41-dari-database-access-ke-data-dump">4.1 Dari Database Access ke Data Dump</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#42-dari-database-ke-shell-rce">4.2 Dari Database ke Shell (RCE)</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#43-privilege-escalation-dari-mysql-user">4.3 Privilege Escalation dari MySQL User</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#44-pivot-ke-aplikasi-web">4.4 Pivot ke Aplikasi Web</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#45-checklist-ringkasan">4.5 Checklist Ringkasan</a></li> </ul> </li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#bab-5--postgresql-pgadmin--eksploitasi-via-sql">Bab 5 — PostgreSQL: pgAdmin &amp; Eksploitasi via SQL</a> <ul> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#51-panel-yang-mengekspos-postgresql">5.1 Panel yang Mengekspos PostgreSQL</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#52-menemukan-pgadmin-yang-terekspos">5.2 Menemukan pgAdmin yang Terekspos</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#53-adminer--postgresql">5.3 Adminer + PostgreSQL</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#54-copy-from-program--rce-langsung">5.4 COPY FROM PROGRAM — RCE Langsung</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#55-file-read--write-via-large-object">5.5 File Read &amp; Write via Large Object</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#56-file-read-via-pg_read_file--pg_ls_dir">5.6 File Read via pg_read_file &amp; pg_ls_dir</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#57-rce-via-procedural-languages-plpythonu--plperlu">5.7 RCE via Procedural Languages (plpythonu / plperlu)</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#58-extension-abuse-dblink">5.8 Extension Abuse: dblink</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#59-extension-abuse-adminpack--pg_execute_server_program">5.9 Extension Abuse: adminpack &amp; pg_execute_server_program</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#510-privilege-escalation-di-postgresql">5.10 Privilege Escalation di PostgreSQL</a></li> <li><a href="https://siti.pages.dev/docs/exposed-db-panels/#511-checklist-postgresql">5.11 Checklist PostgreSQL</a></li> </ul> </li> </ul> <hr> <h2 id="bab-1--menemukan-panel-yang-terekspos">Bab 1 — Menemukan Panel yang Terekspos</h2> <h3 id="11-apa-itu-adminer--phpmyadmin">1.1 Apa itu Adminer &amp; phpMyAdmin</h3> <table> <thead> <tr> <th>Tool</th> <th>Deskripsi</th> <th>File</th> </tr> </thead> <tbody> <tr> <td><strong>Adminer</strong></td> <td>Database management dalam 1 file PHP. Support MySQL, PostgreSQL, SQLite, MS SQL, Oracle</td> <td><code>adminer.php</code> (single file)</td> </tr> <tr> <td><strong>phpMyAdmin</strong></td> <td>Web interface untuk MySQL/MariaDB. Lebih lengkap, lebih berat</td> <td>Folder <code>/phpmyadmin/</code></td> </tr> </tbody> </table> <p>Keduanya digunakan developer untuk mengelola database via browser. Masalahnya — sering <strong>lupa dihapus</strong> atau <strong>tidak dilindungi</strong> di production server.</p>