Skip to main content

MSSQL Credentials

Description

General

  • Documentation: https://docs.microsoft.com/en-us/sql/
  • Summary: Microsoft SQL Server is a relational database management system developed by Microsoft. This detector aims at detecting MSSQL credentials in a URI connection string or assignments. The port number can be attached to the hostname or defined separately.
  • IPs allowlist: This can be set on the server side. This documentation might help on the topic.
  • Scopes: Users permissions can be set by database administrators.

Revoke the secret

A database administrator can delete a user.

Check for suspicious activity

The server can be configured to log any activity on the database.

Details for Mssql assignment

  • Family: Database

  • Category: Data storage

  • Company: Microsoft

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 4

  • Occurrences found for one million commits: 0.08

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: true
- type: ContentWhitelistPreValidator
patterns:
- mssql
- sqlserver

Examples

- text: |
docker run --name geonetwork -d -p 8080:8080 -e MSSQL_HOST=google.com -e MSSQL_PORT=5434 -e MSSQL_USERNAME=root -e MSSQL_PASSWORD=m42ploz2wd geonetwork
host: google.com
port: '5434'
username: root
password: m42ploz2wd

- text: |
mssql.port=9082
spring.datasource.url=jdbc:sqlserver://google.com/BLUDB
spring.datasource.username=root
spring.datasource.password=sup3rstr0ngpass
host: google.com
port: '9082'
username: root
password: sup3rstr0ngpass

- text: |
mssql.port=9082
db_url=jdbc:sqlserver://google.com/BLUDB
db_username=root
db_password=sup3rstr0ngpass
host: google.com
port: '9082'
username: root
password: sup3rstr0ngpass

- text: |
mssql.port=9082
database_url=jdbc:sqlserver://google.com/BLUDB
database_username=root
database_password=sup3rstr0ngpass
host: google.com
port: '9082'
username: root
password: sup3rstr0ngpass

Details for Mssql assignment attached port

  • Family: Database

  • Category: Data storage

  • Company: Microsoft

  • High recall: False

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 4

  • Occurrences found for one million commits: 4.56

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: true
- type: ContentWhitelistPreValidator
patterns:
- mssql
- sqlserver

Examples

- text: |
docker run --name geonetwork -d
-p 8080:8080
-e MSSQL_HOST=google.com:5434
-e MSSQL_PORT=1212
-e MSSQL_USERNAME=root
-e MSSQL_PASSWORD=m42ploz2wd
geonetwork
host: google.com
port: '5434'
username: root
password: m42ploz2wd

- text: |
mssql
server.port=1212
spring.datasource.url=jdbc:sqlserver://google.com:9082/BLUDB
spring.datasource.username=root
spring.datasource.password=sup3rstr0ngpass
host: google.com
port: '9082'
username: root
password: sup3rstr0ngpass

Details for Mssql uri

  • Family: Database

  • Category: Data storage

  • Company: Microsoft

  • High recall: True

  • Validity check available: True

  • On-premise instances exist: False

  • Only valid secrets raise an alert: False

  • Minimum number of matches: 5

  • Occurrences found for one million commits: 0.95

  • Prefixed: True

  • PreValidators:

- type: FilenameBanlistPreValidator
banlist_extensions: []
banlist_filenames: []
check_binaries: false
include_default_banlist_extensions: true
ban_markup: false
- type: ContentWhitelistPreValidator
patterns:
- mssql

Examples

- text: |
CONNECTION_URI="mssql://root:m42ploz2wd@google.com:5434/thegift"
host: google.com
port: '5434'
username: root
password: m42ploz2wd
scheme: mssql
database: thegift
connection_uri: mssql://root:m42ploz2wd@google.com:5434/thegift

# Test special characters in password
- text: |
CONNECTION_URI="mssql://root:m42p!o@2wd@google.com:5434/thegift"
host: google.com
port: '5434'
username: root
password: m42p!o@2wd
scheme: mssql
database: thegift
connection_uri: mssql://root:m42p!o@2wd@google.com:5434/thegift

# Test detection in md files
- text: |
CONNECTION_URI="mssql://root:m42p!o@2wd@google.com:5434/thegift"
host: google.com
port: '5434'
username: root
password: m42p!o@2wd
scheme: mssql
database: thegift
connection_uri: mssql://root:m42p!o@2wd@google.com:5434/thegift

How can I help you ?