JS - pgsql

javascript/enumeration/pgsql/pgsql-default-db.yaml

@@ -0,0 +1,49 @@
+id: pgsql-default-db
+
+info:
+  name: Postgresql Default Database - Enumeration
+  author: pussycat0x
+  severity: high
+  description: |
+    Postgresql has a flaw that allows the attacker to login with empty password.
+  reference:
+    - https://www.tenable.com/plugins/nessus/104031
+  metadata:
+    shodan-query: product:"PostgreSQL"
+  tags: js,network,postgresql
+
+javascript:
+  - code: |
+      const postgres = require('nuclei/postgres');
+      const client = new postgres.PGClient;
+      connected = client.ConnectWithDB(Host, Port, User, Pass, Db);
+      connected  ;
+
+    args:
+      Host: "{{Host}}"
+      Port: 5432
+      User: "{{usernames}}"
+      Pass: "{{password}}"
+      Db: "{{database}}"
+
+    payloads:
+      usernames:
+        - postgres
+        - meow
+      database:
+        - foresight
+        - postgres
+        - template0
+        - template1
+        - test
+      password:
+        - postgres
+        -
+    attack: clusterbomb
+
+    matchers:
+      - type: dsl
+        dsl:
+          - "success == true"
+          - "response == true"
+        condition: and