commit
c9f8fa0e41
|
@ -2,7 +2,7 @@ id: pgsql-detect
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: PostgreSQL Authentication - Detect
|
name: PostgreSQL Authentication - Detect
|
||||||
author: nybble04
|
author: nybble04,geeknik
|
||||||
severity: info
|
severity: info
|
||||||
description: |
|
description: |
|
||||||
PostgreSQL authentication error messages which could reveal information useful in formulating further attacks were detected.
|
PostgreSQL authentication error messages which could reveal information useful in formulating further attacks were detected.
|
||||||
|
@ -35,6 +35,8 @@ tcp:
|
||||||
- type: word
|
- type: word
|
||||||
part: body
|
part: body
|
||||||
words:
|
words:
|
||||||
|
- "C0A000" # Error code for unsupported frontend protocol
|
||||||
|
- "C08P01" # Error code for invalide startup packet layout
|
||||||
- "28000" # Error code for invalid_authorization_specification
|
- "28000" # Error code for invalid_authorization_specification
|
||||||
- "28P01" # Error code for invalid_password
|
- "28P01" # Error code for invalid_password
|
||||||
- "SCRAM-SHA-256" # Authentication prompt
|
- "SCRAM-SHA-256" # Authentication prompt
|
||||||
|
@ -47,4 +49,4 @@ tcp:
|
||||||
words:
|
words:
|
||||||
- "HTTP/1.1"
|
- "HTTP/1.1"
|
||||||
negative: true
|
negative: true
|
||||||
# digest: 4a0a004730450221008f9405896abfcad38281d0093602f221a2df113283f5040c3effc1650748ecf102206a0828fc90cc84123fa73d21ec6169e463ad68369c14945e87672a094cc03630:922c64590222798bb761d5b6d8e72950
|
# digest: 4a0a004730450221008f9405896abfcad38281d0093602f221a2df113283f5040c3effc1650748ecf102206a0828fc90cc84123fa73d21ec6169e463ad68369c14945e87672a094cc03630:922c64590222798bb761d5b6d8e72950
|
||||||
|
|
Loading…
Reference in New Issue