Nmap Development mailing list archives
Re: pgsql-brute script doesn't work
From: Daniel Miller <bonsaiviking () gmail com>
Date: Mon, 2 Sep 2013 07:19:02 -0500
Alexander,
The pgsql-brute script was not able to handle the Russian
internationalization that your postgres was compiled with. I looked up the
error string and tried to expand the check, so this patch may help. Even in
English, I think the text was changed between versions, so I reduced the
check to a smaller common string. Please let me know if this works so that
it can be committed.
Dan
diff --git a/scripts/pgsql-brute.nse b/scripts/pgsql-brute.nse
index a462f69..3d81a9d 100644
--- a/scripts/pgsql-brute.nse
+++ b/scripts/pgsql-brute.nse
@@ -125,7 +125,16 @@ action = function( host, port )
socket = connectSocket( host, port,
ssl_enable )
status, response = pg.sendStartup(socket,
username, username)
if (not(status)) then
- if ( response:match("no pg_hba.conf
entry for host") ) then
+ if ( response:find("no pg_hba.conf
entry") or
+ response:find("в
pg_hba.conf нет записи") or
+ response:find("kein
pg_hba.conf-Eintrag") or
+
response:find("aucune entr\xe9e dans pg_hba.conf") or
+ response:find("no
hay una línea en pg_hba.conf") or
+
response:find("nenhuma entrada no pg_hba.conf") or
+ response:find("brak
wpisu w pg_hba.conf") or
+
response:find("没有用于主机") or
+
response:find("pg_hba.conf 沒有") or
+
response:find("pg_hba.conf にホスト") ) then
stdnse.print_debug("The
host was denied access to db \"%s\" as user \"%s\", aborting ...",
username, u
break
else
_______________________________________________
Sent through the dev mailing list
http://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/
Current thread:
- pgsql-brute script doesn't work Alexander Fedintsev (Sep 01)
- Re: pgsql-brute script doesn't work Daniel Miller (Sep 02)