javascript/misconfiguration/pgsql/postgresql-empty-password.yaml

id: postgresql-empty-password

info:
  name: Postgresql Empty Password - Detect
  author: pussycat0x
  severity: critical
  description: |
    Postgresql has a flaw that allows the attacker to login with empty password.
  reference:
    - https://www.tenable.com/plugins/nessus/104031
  metadata:
    shodan-query: product:"PostgreSQL"
    verified: true
  tags: js,network,postgresql,authenticated

javascript:
  - code: |
      const postgres = require('nuclei/postgres');
      const client = new postgres.PGClient;
      const connected = client.Connect(Host, Port, User, Pass);
      connected;

    args:
      Host: "{{Host}}"
      Port: 5432
      User: "postgres"
      Pass: ""

    matchers:
      - type: dsl
        dsl:
          - "success == true"
          - "response == true"
        condition: and
JS - pgsql 2024-03-28 01:04:47 +05:30			`id: postgresql-empty-password`

			`info:`
			`name: Postgresql Empty Password - Detect`
			`author: pussycat0x`
Update 2024-03-29 13:29:52 +05:30			`severity: critical`
JS - pgsql 2024-03-28 01:04:47 +05:30			`description: \|`
			`Postgresql has a flaw that allows the attacker to login with empty password.`
			`reference:`
			`- https://www.tenable.com/plugins/nessus/104031`
			`metadata:`
			`shodan-query: product:"PostgreSQL"`
added metadata 2024-04-01 13:49:09 +05:30			`verified: true`
Update 2024-03-29 13:29:52 +05:30			`tags: js,network,postgresql,authenticated`
JS - pgsql 2024-03-28 01:04:47 +05:30
			`javascript:`
			`- code: \|`
			`const postgres = require('nuclei/postgres');`
			`const client = new postgres.PGClient;`
			`const connected = client.Connect(Host, Port, User, Pass);`
			`connected;`

			`args:`
			`Host: "{{Host}}"`
			`Port: 5432`
			`User: "postgres"`
Update 2024-03-29 13:29:52 +05:30			`Pass: ""`
JS - pgsql 2024-03-28 01:04:47 +05:30
			`matchers:`
			`- type: dsl`
			`dsl:`
			`- "success == true"`
			`- "response == true"`
lint -fix 2024-03-29 13:36:01 +05:30			`condition: and`