Skip to main content

MSSQL Credentials

Description

General

  • Documentation: https://docs.microsoft.com/en-us/sql/
  • Summary: Microsoft SQL Server is a relational database management system developed by Microsoft. This detector aims at detecting MSSQL credentials in a URI connection string or assignments. The port number can be attached to the hostname or defined separately.
  • IPs allowlist: This can be set on the server side. This documentation might help on the topic.
  • Scopes: Users permissions can be set by database administrators.

Revoke the secret

A database administrator can delete a user.

Check for suspicious activity

The server can be configured to log any activity on the database.

Details for MSSQL Credentials

  • Family: identifiers

  • Category: data_storage

  • Company: Microsoft

  • High recall: False

  • Validity check available: True

  • Analyzer available: False

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 4

  • Occurrences found for one million commits: 0.08

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions: []
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: true
  ban_markup: true
- type: ContentWhitelistPreValidator
  patterns:
    - mssql
    - sqlserver

Examples

- text: |
    docker run --name geonetwork -d -p 8080:8080 -e MSSQL_HOST=google.com -e MSSQL_PORT=5434 -e MSSQL_USERNAME=root -e MSSQL_PASSWORD=m42ploz2wd geonetwork
  host: google.com
  port: '5434'
  username: root
  password: m42ploz2wd

- text: |
    mssql.port=9082
    spring.datasource.url=jdbc:sqlserver://google.com/BLUDB
    spring.datasource.username=root
    spring.datasource.password=sup3rstr0ngpass
  host: google.com
  port: '9082'
  username: root
  password: sup3rstr0ngpass

- text: |
    mssql.port=9082
    db_url=jdbc:sqlserver://google.com/BLUDB
    db_username=root
    db_password=sup3rstr0ngpass
  host: google.com
  port: '9082'
  username: root
  password: sup3rstr0ngpass

- text: |
    mssql.port=9082
    database_url=jdbc:sqlserver://google.com/BLUDB
    database_username=root
    database_password=sup3rstr0ngpass
  host: google.com
  port: '9082'
  username: root
  password: sup3rstr0ngpass

Details for MSSQL Credentials

  • Family: identifiers

  • Category: data_storage

  • Company: Microsoft

  • High recall: False

  • Validity check available: True

  • Analyzer available: False

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 4

  • Occurrences found for one million commits: 4.56

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions: []
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: true
  ban_markup: true
- type: ContentWhitelistPreValidator
  patterns:
    - mssql
    - sqlserver

Examples

- text: |
    docker run --name geonetwork -d
    -p 8080:8080
    -e MSSQL_HOST=google.com:5434
    -e MSSQL_PORT=1212
    -e MSSQL_USERNAME=root
    -e MSSQL_PASSWORD=m42ploz2wd
    geonetwork
  host: google.com
  port: '5434'
  username: root
  password: m42ploz2wd

- text: |
    mssql
    server.port=1212
    spring.datasource.url=jdbc:sqlserver://google.com:9082/BLUDB
    spring.datasource.username=root
    spring.datasource.password=sup3rstr0ngpass
  host: google.com
  port: '9082'
  username: root
  password: sup3rstr0ngpass

Details for MSSQL URI

  • Family: identifiers

  • Category: data_storage

  • Company: Microsoft

  • High recall: True

  • Validity check available: True

  • Analyzer available: False

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 5

  • Occurrences found for one million commits: 0.95

  • Prefixed: True

  • PreValidators:

- type: FilenameBanlistPreValidator
  banlist_extensions: []
  banlist_filenames: []
  check_binaries: false
  include_default_banlist_extensions: true
  ban_markup: false
- type: ContentWhitelistPreValidator
  patterns:
    - mssql

Examples

- text: |
    CONNECTION_URI="mssql://root:m42ploz2wd@google.com:5434/thegift"
  host: google.com
  port: '5434'
  username: root
  password: m42ploz2wd
  scheme: mssql
  database: thegift
  connection_uri: mssql://root:m42ploz2wd@google.com:5434/thegift

# Test special characters in password
- text: |
    CONNECTION_URI="mssql://root:m42p!o@2wd@google.com:5434/thegift"
  host: google.com
  port: '5434'
  username: root
  password: m42p!o@2wd
  scheme: mssql
  database: thegift
  connection_uri: mssql://root:m42p!o@2wd@google.com:5434/thegift

# Test detection in md files
- text: |
    CONNECTION_URI="mssql://root:m42p!o@2wd@google.com:5434/thegift"
  host: google.com
  port: '5434'
  username: root
  password: m42p!o@2wd
  scheme: mssql
  database: thegift
  connection_uri: mssql://root:m42p!o@2wd@google.com:5434/thegift
Last updated on

Something we didn’t cover?

See our Roadmap

Subscribe on GitHub

Submit a request

API status