Database Exposure

Naked Postgres

This page simulates a scanner-visible Postgres service on port 5432 with weak network access, trust auth rules, leaked connection metadata, and browsable role information.

Back to hub Reload scenario

Connection probe

Expected Findings

Postgres is presented as publicly reachable on port 5432.
`pg_hba.conf` trusts broad network ranges instead of restricting clients.
Connection metadata and role listings are exposed to anonymous users.
SSL is disabled in the simulated connection path.

Primary Flows

Port status Public listener and SSL posture
Banner Scanner-visible service banner
pg_hba.conf Weak auth network rules
Roles Browsable database principals
Leaked env Connection string with sslmode=disable

Signals

Connection String

DATABASE_URL=postgres://postgres:postgres@34.77.12.44:5432/app?sslmode=disable

Network Rule

host all all 0.0.0.0/0 trust

Notes

This is an HTTP emulation of an exposed Postgres service for scanner calibration, not a live SQL listener.