MSSQL Credentials
Description
General
- Documentation: https://docs.microsoft.com/en-us/sql/
- Summary: Microsoft SQL Server is a relational database management system developed by Microsoft. This detector aims at detecting MSSQL credentials in a URI connection string or assignments. The port number can be attached to the hostname or defined separately.
- IPs allowlist: This can be set on the server side. This documentation might help on the topic.
- Scopes: Users permissions can be set by database administrators.
Revoke the secret
A database administrator can delete a user.
Check for suspicious activity
The server can be configured to log any activity on the database.
Details for Mssql assignment
Family: Database
Category: Data storage
Company: Microsoft
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: False
Minimum number of matches: 4
Occurrences found for one million commits: 0.08
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: true
- type: ContentWhitelistPreValidator
patterns:
- mssql
Examples
- text: |
docker run --name geonetwork -d -p 8080:8080 -e MSSQL_HOST=google.com -e MSSQL_PORT=5434 -e MSSQL_USERNAME=root -e MSSQL_PASSWORD=m42ploz2wd geonetwork
host: google.com
port: '5434'
username: root
password: m42ploz2wd
- text: |
mssql.port=9082
spring.datasource.url=jdbc:sqlserver://google.com/BLUDB
spring.datasource.username=root
spring.datasource.password=sup3rstr0ngpass
host: google.com
port: '9082'
username: root
password: sup3rstr0ngpass
Details for Mssql assignment attached port
Family: Database
Category: Data storage
Company: Microsoft
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: False
Minimum number of matches: 4
Occurrences found for one million commits: 4.56
Prefixed: False
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: true
- type: ContentWhitelistPreValidator
patterns:
- mssql
- sqlserver
Examples
- text: |
docker run --name geonetwork -d
-p 8080:8080
-e MSSQL_HOST=google.com:5434
-e MSSQL_PORT=1212
-e MSSQL_USERNAME=root
-e MSSQL_PASSWORD=m42ploz2wd
geonetwork
host: google.com
port: '5434'
username: root
password: m42ploz2wd
- text: |
mssql
server.port=1212
spring.datasource.url=jdbc:sqlserver://google.com:9082/BLUDB
spring.datasource.username=root
spring.datasource.password=sup3rstr0ngpass
host: google.com
port: '9082'
username: root
password: sup3rstr0ngpass
Details for Mssql uri
Family: Database
Category: Data storage
Company: Microsoft
High recall: True
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: False
Minimum number of matches: 5
Occurrences found for one million commits: 0.95
Prefixed: True
PreValidators:
- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- mssql
Examples
- text: |
CONNECTION_URI="mssql://root:m42ploz2wd@google.com:5434/thegift"
host: google.com
port: '5434'
username: root
password: m42ploz2wd
scheme: mssql
database: thegift
connection_uri: mssql://root:m42ploz2wd@google.com:5434/thegift
# Test special characters in password
- text: |
CONNECTION_URI="mssql://root:m42p!o@2wd@google.com:5434/thegift"
host: google.com
port: '5434'
username: root
password: m42p!o@2wd
scheme: mssql
database: thegift
connection_uri: mssql://root:m42p!o@2wd@google.com:5434/thegift
# Test detection in md files
- text: |
CONNECTION_URI="mssql://root:m42p!o@2wd@google.com:5434/thegift"
host: google.com
port: '5434'
username: root
password: m42p!o@2wd
scheme: mssql
database: thegift
connection_uri: mssql://root:m42p!o@2wd@google.com:5434/thegift
