Postgres Fingerprinting

Many database servers helpfully provide version number, platform, and other salient details to just about anyone who asks, authenticated or not, which makes fingerprinting these applications a snap. However, Postgres is a little more coquettish about revealing such personal information about itself to just anyone. The best way to determine Postgres' version is to log in and just ask with a "select version()" query, but what if you don't (yet) have credentials?

Lucky for unauthenticated types, it turns out that Postgres is pretty forthcoming in its authentication failure messages. Take this example response to a failed login attempt:

0000  45 00 00 00 61 53 46 41 54 41 4c 00 43 32 38 30  E...aSFATAL.C280
0010  30 30 00 4d 70 61 73 73 77 6f 72 64 20 61 75 74  00.Mpassword aut
0020  68 65 6e 74 69 63 61 74 69 6f 6e 20 66 61 69 6c  hentication fail
0030  65 64 20 66 6f 72 20 75 73 65 72 20 22 70 6f 73  ed for user "pos
0040  74 67 72 65 73 22 00 46 61 75 74 68 2e 63 00 4c  tgres".Fauth.c.L
0050  32 37 33 00 52 61 75 74 68 5f 66 61

(continue reading...)
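The response in the dump above can be split into its labelled fields with a short parser. This is an added example, not code from the original post or from Metasploit; it assumes PostgreSQL protocol 3.0 ErrorResponse framing, and the function and constant names are made up for illustration. The bytes are the ones shown on this page, which stop partway through the last field, so the parser reports that field as truncated instead of guessing it.

```python
import struct

# Bytes of the failed-login response exactly as shown in the dump above.
# The excerpt ends mid-field, so this capture is incomplete by construction.
CAPTURE = bytes.fromhex("""
    45 00 00 00 61 53 46 41 54 41 4c 00 43 32 38 30
    30 30 00 4d 70 61 73 73 77 6f 72 64 20 61 75 74
    68 65 6e 74 69 63 61 74 69 6f 6e 20 66 61 69 6c
    65 64 20 66 6f 72 20 75 73 65 72 20 22 70 6f 73
    74 67 72 65 73 22 00 46 61 75 74 68 2e 63 00 4c
    32 37 33 00 52 61 75 74 68 5f 66 61
""")

# One-byte field codes defined by the protocol for ErrorResponse.
FIELD_NAMES = {"S": "severity", "C": "sqlstate", "M": "message",
               "F": "file", "L": "line", "R": "routine"}


def parse_error_response(buf):
    """Return (fields, declared_length, truncated) for one ErrorResponse."""
    if len(buf) < 5 or buf[0:1] != b"E":
        raise ValueError("not an ErrorResponse message")
    # The 4-byte big-endian length counts itself but not the type byte.
    (declared,) = struct.unpack("!I", buf[1:5])
    body = buf[5:1 + declared]
    truncated = len(buf) < 1 + declared
    fields, pos = {}, 0
    # Fields are <code byte><NUL-terminated string>; a lone NUL ends the list.
    while pos < len(body) and body[pos] != 0:
        end = body.find(b"\x00", pos + 1)
        if end == -1:  # value cut off before its terminator: do not guess it
            truncated = True
            break
        code = chr(body[pos])
        value = body[pos + 1:end].decode("utf-8", "replace")
        fields[FIELD_NAMES.get(code, code)] = value
        pos = end + 1
    return fields, declared, truncated


if __name__ == "__main__":
    fields, declared, truncated = parse_error_response(CAPTURE)
    print(f"declared length {declared}, truncated={truncated}")
    for name, value in fields.items():
        print(f"{name:9} {value}")
```

The file and line fields are the server-side source location of the error, sent to the client before any login has succeeded.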

Source: Metasploit

Copyright © 2012 The Security Blog. All rights reserved.