Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Postgres Exporter Metrics

By kannthu

Low
Vidoc logoVidoc Module
#postgres#exposure#debug
Description

What is the "Postgres Exporter Metrics" module?

The "Postgres Exporter Metrics" module is a test case designed to detect misconfigurations, vulnerabilities, or fingerprint software related to Postgres. It targets Postgres databases and provides information about the severity of the identified issues. The module was authored by DhiyaneshDk.

Impact

The impact of the "Postgres Exporter Metrics" module depends on the specific misconfiguration, vulnerability, or software fingerprint it detects. It can help identify potential security risks, expose sensitive data, or provide insights into the Postgres database's configuration.

How does the module work?

The "Postgres Exporter Metrics" module utilizes HTTP request templates and matching conditions to perform its tests. One example of an HTTP request it sends is a GET request to the "/metrics" path. The module then applies matching conditions to the response to determine if the target system meets the specified criteria.

The matching conditions for this module include:

- Checking if the response body contains the words "postgres" and "# HELP". - Verifying that the response status is 200 (OK).

If both conditions are met, the module considers the test successful and reports the identified issues or software fingerprint.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/metrics
Matching conditions
word: postgres, # HELPand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability