Skip to content

5432 - Pentesting psql

Nmap scan

nmap -sV -sC -p 5432 10.0.2.5

Metasploit - version

use auxiliary/scanner/postgres/postgres_version
set RHOSTS 10.0.2.5
set USERNAME hacker
unset PASSWORD
options
run

Metasploit - login

use auxiliary/scanner/postgres/postgres_login
set RHOSTS 10.0.2.5
set BLANK_PASSWORDS true
set DATABASE template1
set STOP_ON_SUCCESS true
set USERPASS_FILE /usr/share/metasploit-framework/data/wordlists/postgres_default_userpass.txt
set USER_FILE /usr/share/metasploit-framework/data/wordlists/postgres_default_user.txt
options
run