Postgresql Version - Detect

ID: pgsql-version-detect

Severity: high

Author: pussycat0x

Tags: js,network,postgresql,enum,authenticated

Description

Detect Postgresql Version.

YAML Source

id: pgsql-version-detect

info:
  name: Postgresql Version - Detect
  author: pussycat0x
  severity: high
  description: |
    Detect Postgresql Version.
  reference:
    - https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/SQL%20Injection/PostgreSQL%20Injection.md#postgresql-version
  metadata:
    verified: true
    max-request: 8
    shodan-query: "product:\"PostgreSQL\""
  tags: js,network,postgresql,enum,authenticated

javascript:
  - pre-condition: |
      isPortOpen(Host,Port);
    code: |
      const postgres = require('nuclei/postgres');
      const client = new postgres.PGClient;
      connected =  client.ExecuteQuery(Host, Port, User, Pass, Db, "select version();");
      Export(connected);

    args:
      Host: "{{Host}}"
      Port: 5432
      User: "{{usernames}}"
      Pass: "{{password}}"
      Db: "{{database}}"

    payloads:
      usernames:
        - postgres
        - admin
      password:
        - postgres
        -
        - 123
        - amber
      database:
        - postgres

    attack: clusterbomb

    extractors:
      - type: json
        json:
          - '.Rows[0].version'
# digest: 4a0a0047304502204ba5d9ed3dafee6bc323f45468eff859e44f6e8773790e47e625d29685654c79022100b5e6a7a4e611537a7070c423e88343c9ae35dfb7f01d51fa3997b8231daf1433:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "javascript/enumeration/pgsql/pgsql-version-detect.yaml"

View on Github