Skip to main content

MSSQL Credentials

Description#

General#

  • Documentation: https://docs.microsoft.com/en-us/sql/
  • Summary: Microsoft SQL Server is a relational database management system developed by Microsoft. This detector aims at detecting MSSQL credentials in a URI connection string or assignements. The port number can be attached to the hostname or defined separately.
  • IPs allowlist: This can be set on the server side. This documentation might help on the topic.
  • Scopes: Users permissions can be set by database administrators.

Revoke the secret#

A database administrator can delete a user.

Check for suspicious activity#

The server can be configured to log any activity on the database.

Details for Mssql assignment#

  • Category: Data storage

  • High recall: False

  • Validity check available: True

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 4

  • Occurrences found for one million commits: 0.08

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions:  - ^(cs|x|p|s|r)?html5?~?$  - ^[aps]?cssc?~?$  - ^lock$  - ^mdx?~?$  - ^storyboard(c|er)?~?$  - ^xib$  banlist_filenames: []  check_binaries: false- type: ContentWhitelistPreValidator  patterns:  - mssql

Examples#

- text: >    docker run --name geonetwork -d -p 8080:8080 -e MSSQL_HOST=google.com -e MSSQL_PORT=5434 -e MSSQL_USERNAME=root -e MSSQL_PASSWORD=m42ploz2wd geonetwork  host: google.com  port: "5434"  username: root  password: m42ploz2wd
- text: >    mssql.port=9082    spring.datasource.url=jdbc:sqlserver://google.com/BLUDB    spring.datasource.username=root    spring.datasource.password=sup3rstr0ngpass  host: google.com  port: "9082"  username: root  password: sup3rstr0ngpass

Details for Mssql assignment attached port#

  • Category: Data storage

  • High recall: False

  • Validity check available: True

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 4

  • Occurrences found for one million commits: 6.7

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions:  - ^(cs|x|p|s|r)?html5?~?$  - ^[aps]?cssc?~?$  - ^lock$  - ^mdx?~?$  - ^storyboard(c|er)?~?$  - ^xib$  banlist_filenames: []  check_binaries: false- type: ContentWhitelistPreValidator  patterns:  - mssql  - sqlserver

Examples#

- text: >    docker run --name geonetwork -d    -p 8080:8080    -e MSSQL_HOST=google.com:5434    -e MSSQL_PORT=1212    -e MSSQL_USERNAME=root    -e MSSQL_PASSWORD=m42ploz2wd    geonetwork  host: google.com  port: "5434"  username: root  password: m42ploz2wd
- text: >    mssql    server.port=1212    spring.datasource.url=jdbc:sqlserver://google.com:9082/BLUDB    spring.datasource.username=root    spring.datasource.password=sup3rstr0ngpass  host: google.com  port: "9082"  username: root  password: sup3rstr0ngpass

Details for Mssql uri#

  • Category: Data storage

  • High recall: True

  • Validity check available: True

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 8

  • Occurrences found for one million commits: 0.95

  • Prefixed: True

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions:  - ^(cs|x|p|s|r)?html5?~?$  - ^[aps]?cssc?~?$  - ^lock$  - ^mdx?~?$  - ^storyboard(c|er)?~?$  - ^xib$  banlist_filenames: []  check_binaries: false- type: ContentWhitelistPreValidator  patterns:  - mssql

Examples#

- text: >    CONNECTION_URI="mssql://root:m42ploz2wd@google.com:5434/thegift"  host: google.com  port: "5434"  username: root  password: m42ploz2wd  scheme: mssql  database: thegift  connection_uri: mssql://root:m42ploz2wd@google.com:5434/thegift
# Test special characters in password- text: >    CONNECTION_URI="mssql://root:m42p!o@2wd@google.com:5434/thegift"  host: google.com  port: "5434"  username: root  password: m42p!o@2wd  scheme: mssql  database: thegift  connection_uri: mssql://root:m42p!o@2wd@google.com:5434/thegift