Attacking PostgreSQL Database

vishnuraj
vishnuraj
Jul 16, 2018 · 2 min read

This is write up in which I’ll explain a vulnerability I recently found, and reported through oracle bug bounty program.

Vulnerability Explanation:

PostgreSQL is a database that comes with MacOS X Lion, as a default standard database. According to wikipedia the majority of Linux distributions have the PostgreSQL in the supplied packages.So besides the regular databases (Oracle,MySQL etc.) there will be times as a penetration tester that we will need to assess and this database

Network Mapping :

Lets say that we have perform a port scan on a server and we have identify that is running a PostgreSQL database at port 5432

Vulnerability Identification :

We will try a brute force attack in order to discover any weak credentials that will allow us then to connect to the database.We will open the metasploit framework and we will use the postgres_login scanner.

Penetration

Now that we have a valid username and password we can use that to connect to the database by using a psql client.The first query that we want to execute is the select usename, passwd from pg_shadow; because it will return to us the password hashes of the database from the pg_shadow table.

Hope You liked this finding and i apologize for if there is any mistakes in this post. ☺

reference : https://medium.com/@cryptocracker99/a-penetration-testers-guide-to-postgresql-d78954921ee9

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store