Nmap Development mailing list archives
Re: pgsql-brute
From: David Fifield <david () bamsoftware com>
Date: Thu, 4 Mar 2010 11:06:21 -0700
On Thu, Mar 04, 2010 at 06:56:27PM +0100, Patrik Karlsson wrote:
> On 4 mar 2010, at 17.44, David Fifield wrote:
> > On Thu, Mar 04, 2010 at 04:46:21PM +0100, Patrik Karlsson wrote:
> > > Ok, so I'm guessing you set up the authentication method as "trust"?
> > > This means that the server won't ask for the credentials to access
> > > the DB. I wasn't handling this properly, but I've fixed it now.
> > > If the trusted method is in use the script will report the user with
> > > no password as the admin user below:
> > >
> > > PORT     STATE SERVICE
> > > 5432/tcp open  postgresql
> > > | pgsql-brute:
> > > |   admin => Trusted authentication
> > > |_  test:test => Login Correct
> > >
> > > Depending on the server setup, specifically if database and user are
> > > set to "all", all users may come back as "trusted authentication".
> >
> > You're right, that's what I did. Now I'm getting this output:
> >
> > PORT     STATE SERVICE
> > 5432/tcp open  postgresql
> > | pgsql-brute:
> > |   root:<empty> => Login Correct
> > |   admin:<empty> => Login Correct
> > |   administrator:<empty> => Login Correct
> > |   webadmin:<empty> => Login Correct
> > |   sysadmin:<empty> => Login Correct
> > |   netadmin:<empty> => Login Correct
> > |   guest:<empty> => Login Correct
> > |   user:<empty> => Login Correct
> > |   web:<empty> => Login Correct
> > |_  test:<empty> => Login Correct
> >
> > That looks good; that's going to be a big red flag to anyone who's set
> > up the database insecurely as I did. It works like this if I set the
> > authentication method to "password" or "md5".
>
> Is this result with the latest script I posted or simply with the new
> library? I was kind of hoping you would see root => Trusted
> authentication instead of the <empty> password. That's what I'm seeing
> with the authentication method set to trusted.

Sorry, it must have been the old script. Here's the latest:

PORT     STATE SERVICE
5432/tcp open  postgresql
| pgsql-brute:
|   root => Trusted authentication
|   admin => Trusted authentication
|   administrator => Trusted authentication
|   webadmin => Trusted authentication
|   sysadmin => Trusted authentication
|   netadmin => Trusted authentication
|   guest => Trusted authentication
|   user => Trusted authentication
|   web => Trusted authentication
|_  test => Trusted authentication

David Fifield
_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://seclists.org/nmap-dev/
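
The "trust" setup discussed in this thread can also be found from the server side by reading pg_hba.conf; the following is an added example, not code from the thread or from Nmap. The function names and the sample file are constructed for illustration, and the parser is simplified (quoted fields and include directives are not handled).

```python
import ipaddress

HOST_TYPES = {"host", "hostssl", "hostnossl", "hostgssenc", "hostnogssenc"}

# Constructed sample pg_hba.conf (not taken from the thread).
SAMPLE = """\
# TYPE  DATABASE  USER  ADDRESS                    METHOD
local   all       all                              trust
host    all       all   127.0.0.1/32               md5
host    all       all   0.0.0.0/0                  trust
host    test      test  192.168.0.0 255.255.255.0  password
"""

def _is_ip(s):
    try:
        ipaddress.ip_address(s)
        return True
    except ValueError:
        return False

def _is_loopback(addr):
    try:
        return ipaddress.ip_network(addr, strict=False).is_loopback
    except ValueError:
        return False  # hostname or keyword such as "all" or "samenet"

def parse_hba(text):
    """Yield (lineno, type, database, user, address, method) per rule.
    Simplified: quoted fields and include directives are not handled."""
    for lineno, raw in enumerate(text.splitlines(), 1):
        f = raw.split("#", 1)[0].split()
        if len(f) >= 4 and f[0] == "local":
            yield lineno, f[0], f[1], f[2], None, f[3]
        elif len(f) >= 5 and f[0] in HOST_TYPES:
            addr, rest = f[3], f[4:]
            # Address may be written as "IP NETMASK" in two fields.
            if "/" not in addr and len(rest) >= 2 and _is_ip(rest[0]):
                addr, rest = f"{addr}/{rest[0]}", rest[1:]
            yield lineno, f[0], f[1], f[2], addr, rest[0]

def audit_trust(text):
    """Report each rule that lets a client in without credentials."""
    findings = []
    for lineno, typ, db, user, addr, method in parse_hba(text):
        if method == "trust":
            findings.append({
                "line": lineno,
                "remote": typ != "local" and not _is_loopback(addr),
                "any_user": "all" in db.split(",") and "all" in user.split(","),
            })
    return findings
```

A finding with both `remote` and `any_user` set corresponds to the case in the thread where every guessed username comes back as "Trusted authentication".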