admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-01-31 15:53:33 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
945b030be305c42e24f2bf4e6e0a4765d270b112
nuclei-templates/javascript/default-logins/postgres-default-logins.yaml
GitHub Action 945b030be3 Auto Template Signing [Fri Mar 15 05:17:37 UTC 2024] 🤖
2024-03-15 05:17:38 +00:00

45 lines
1.2 KiB
YAML
Raw Blame History

id: postgres-default-logins
info:
name: Postgres - Default Logins
author: Ice3man
severity: high
description: |
Postgres service was accessed with easily guessed credentials.
metadata:
max-request: 9
shodan-query: port:5432
tags: js,postgresql,default-login,network
javascript:
- pre-condition: |
var m = require("nuclei/postgres");
var c = m.PGClient();
c.IsPostgres(Host, Port);
code: |
var m = require("nuclei/postgres");
var c = m.PGClient();
c.Connect(Host, Port, User, Pass);
args:
Host: "{{Host}}"
Port: "5432"
User: "{{usernames}}"
Pass: "{{passwords}}"
attack: clusterbomb
payloads:
usernames:
- "postgres"
- "admin"
passwords:
- "password"
- "secret"
- "admin"
- "postgres"
stop-at-first-match: true
matchers:
- type: dsl
dsl:
- "response == true"
- "success == true"
condition: and
# digest: 4b0a00483046022100d0f747a5e44225e98ef0c6e1ac2bc5b3062059df0e76461ed1229a0cacf48031022100be3578b1aba2bc5f75ba436ad5e3863e00b395128bbeb56e1cff4d9cc024249c:922c64590222798bb761d5b6d8e72950
Reference in New Issue View Git Blame Copy Permalink