Find base table columns that name refers to the possibility that these are used to register passwords. Return a value from each such column. Make sure that the password is not registered as open text.
Notes
The test creates a user-defined function that should be dropped in the end (see the garbage collection). The query considers both column names in English and Estonian. The query returns (randomly) only one value. It could be that some values in the column are hashed and some are not.
Type
General (Overview of some aspect of the database.)
CREATE OR REPLACE FUNCTION f_check_password() RETURNS TEXT AS $$
DECLARE
sql_stmt TEXT;
val TEXT ;
passwd_columns RECORD;
table_schema TEXT;
table_name TEXT;
column_name TEXT;
sample_value TEXT;
return_str TEXT:='';
BEGIN
RAISE NOTICE 'Checking whether password is open text';
FOR passwd_columns IN SELECT c.table_schema, c.table_name, c.column_name
FROM INFORMATION_SCHEMA.columns AS c INNER JOIN INFORMATION_SCHEMA.tables AS t USING
(table_schema, table_name) WHERE c.data_type IN ('character', 'character varying', 'text') AND
t.table_type='BASE TABLE' AND c.table_schema NOT IN (SELECT schema_name
FROM INFORMATION_SCHEMA.schemata
WHERE schema_name<>'public' AND
schema_owner='postgres' AND schema_name IS NOT NULL) AND
c.column_name~*'(parool|salasona|passw*|pwd)'
ORDER BY c.table_schema, c.table_name LOOP
table_schema:= passwd_columns.table_schema;
table_name:= passwd_columns.table_name;
column_name:= passwd_columns.column_name;
sql_stmt:='SELECT ' || quote_ident(column_name) || ' AS c FROM ' || quote_ident(table_schema) ||'.' || quote_ident(table_name) || ' LIMIT 1';
EXECUTE sql_stmt INTO sample_value;
return_str:=return_str || ' ' || quote_ident(table_schema) || '.' || quote_ident(table_name) || '.' || quote_ident(column_name) || '=' || sample_value;
END LOOP;
RAISE NOTICE 'Detection completed';
RETURN return_str;
END;
$$ LANGUAGE plpgsql SECURITY DEFINER
SET search_path = information_schema, pg_temp;
SELECT f_check_password() AS sample_values;
DROP FUNCTION IF EXISTS f_check_password();
Collections
This query belongs to the following collections:
Name
Description
Find problems by overview
Queries that results point to different aspects of database that might have problems. A human reviewer has to decide based on the results as to whether there are problems or not .
Categories
This query is classified under the following categories:
Name
Description
Data at the database logical level
Queries of this category provide information about data in base tables.
Result quality depends on names
Queries of this category use names (for instance, column names) to try to guess the meaning of a database object. Thus, the goodness of names determines the number of false positive and false negative results.
Security
Queries of this category provide information about the security measures.