Merge pull request #8821 from geeknik/patch-4

Update pgsql-detect.yaml
patch-1
Dhiyaneshwaran 2023-12-14 22:47:20 +05:30 committed by GitHub
commit c9f8fa0e41
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 2 deletions

View File

@ -2,7 +2,7 @@ id: pgsql-detect
info: info:
name: PostgreSQL Authentication - Detect name: PostgreSQL Authentication - Detect
author: nybble04 author: nybble04,geeknik
severity: info severity: info
description: | description: |
PostgreSQL authentication error messages which could reveal information useful in formulating further attacks were detected. PostgreSQL authentication error messages which could reveal information useful in formulating further attacks were detected.
@ -35,6 +35,8 @@ tcp:
- type: word - type: word
part: body part: body
words: words:
- "C0A000" # Error code for unsupported frontend protocol
- "C08P01" # Error code for invalide startup packet layout
- "28000" # Error code for invalid_authorization_specification - "28000" # Error code for invalid_authorization_specification
- "28P01" # Error code for invalid_password - "28P01" # Error code for invalid_password
- "SCRAM-SHA-256" # Authentication prompt - "SCRAM-SHA-256" # Authentication prompt
@ -47,4 +49,4 @@ tcp:
words: words:
- "HTTP/1.1" - "HTTP/1.1"
negative: true negative: true
# digest: 4a0a004730450221008f9405896abfcad38281d0093602f221a2df113283f5040c3effc1650748ecf102206a0828fc90cc84123fa73d21ec6169e463ad68369c14945e87672a094cc03630:922c64590222798bb761d5b6d8e72950 # digest: 4a0a004730450221008f9405896abfcad38281d0093602f221a2df113283f5040c3effc1650748ecf102206a0828fc90cc84123fa73d21ec6169e463ad68369c14945e87672a094cc03630:922c64590222798bb761d5b6d8e72950