nuclei-templates/network/misconfig/unauth-psql.yaml

37 lines
1.7 KiB
YAML
Raw Normal View History

2023-06-28 04:44:14 +00:00
id: unauth-psql
info:
name: PostgreSQL - Unauthenticated Access
author: pussycat0x
2023-07-01 13:35:09 +00:00
severity: high
2023-06-28 04:44:14 +00:00
description: |
Unauthenticated PostgreSQL Detected.
reference:
- https://www.postgresql.org/docs/9.6/auth-methods.html
metadata:
max-request: 2
2023-06-28 04:44:14 +00:00
shodan-query: port:5432 product:"PostgreSQL"
verified: "true"
2023-06-28 04:44:14 +00:00
tags: network,postgresql,db,unauth
tcp:
- inputs:
2023-06-28 05:24:50 +00:00
- data: "00000054000300007573657200706f73746772657300646174616261736500706f737467726573006170706c69636174696f6e5f6e616d65007073716c00636c69656e745f656e636f64696e6700555446380000" # default database postgres
2023-06-28 04:44:14 +00:00
type: hex
read: 1024
- data: "510000018e53454c45435420642e6461746e616d6520617320224e616d65222c0a2020202020202070675f636174616c6f672e70675f6765745f757365726279696428642e6461746462612920617320224f776e6572222c0a2020202020202070675f636174616c6f672e70675f656e636f64696e675f746f5f6368617228642e656e636f64696e67292061732022456e636f64696e67222c0a20202020202020642e646174636f6c6c6174652061732022436f6c6c617465222c0a20202020202020642e646174637479706520617320224374797065222c0a202020202020204e554c4c2061732022494355204c6f63616c65222c0a20202020202020276c6962632720415320224c6f63616c652050726f7669646572222c0a2020202020202070675f636174616c6f672e61727261795f746f5f737472696e6728642e64617461636c2c2045275c6e272920415320224163636573732070726976696c65676573220a46524f4d2070675f636174616c6f672e70675f646174616261736520640a4f5244455220425920313b00"
type: hex
read: 1024
host:
- "{{Hostname}}"
2023-06-28 05:02:46 +00:00
- "{{Host}}:5432"
2023-06-28 04:44:14 +00:00
matchers:
- type: word
part: raw
words:
- "Access privileges"
- "Locale Provider"
- "Owner"
2023-06-28 05:02:46 +00:00
condition: and