The PostgreSQL Protocol

There are three versions of the PostgreSQL protocol. PostgreSQL 6.3 introduced protocol version numbers starting from 1.0. PostgreSQL 6.4 introduced protocol version 2.0 and PostgreSQL 7.4 introduced protocol version 3.0. The most recent version of the database, 8.0, uses protocol version 3.0.

Unlike the protocols that other DBMS use, the PostgreSQL protocol does not willingly surrender the database version number. During the connection handshake, the protocol version is the only information that is required to determine client-server compatibility. Once the handshake is complete, the client application may query the server version to determine whether specific SQL features are supported. This means that in order to fingerprint the server remotely and anonymously, the attacker must make inferences based on observing both the message flow and content:

  • The server version can be inferred from the highest version number of the protocol that the postmaster supports.
  • The server version can be inferred from error messages returned by sending malformed responses to certain messages.
  • The server version can be inferred by studying responses to requests found in later versions of the protocol (SSL support was only introduced in version 7.1).
  • The server version can be inferred by the presence of certain authentication types (md5 was only introduced in version 7.2).

The startup packet sent from the client typically contains a username, database name, and protocol version. ...
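As an added example (not code from the book), the sketch below shows how a proxy or network sensor could decode the first packet of a connection and log clients that ask for a protocol version other than the one your applications use, which is the kind of version probing described above. The field layout follows PostgreSQL's published protocol 3.0 message formats; the function names, the `expected` default and the sample packets are assumptions constructed for illustration.

```python
import struct

# Special request codes occupy the protocol-version field.
SSL_REQUEST_CODE = (1234 << 16) | 5679
CANCEL_REQUEST_CODE = (1234 << 16) | 5678

def parse_startup(data: bytes) -> dict:
    """Decode the first client packet: Int32 length, Int32 version/code, body."""
    if len(data) < 8:
        raise ValueError("packet shorter than 8-byte header")
    length, code = struct.unpack("!II", data[:8])
    if length != len(data):
        raise ValueError("length field does not match packet size")
    if code == SSL_REQUEST_CODE:
        return {"kind": "SSLRequest"}
    if code == CANCEL_REQUEST_CODE:
        return {"kind": "CancelRequest"}
    major, minor = code >> 16, code & 0xFFFF
    msg = {"kind": "StartupMessage", "protocol": f"{major}.{minor}", "params": {}}
    if major == 3:  # 3.0 body: NUL-terminated name/value pairs, then one more NUL
        body = data[8:]
        if not body.endswith(b"\x00"):
            raise ValueError("missing parameter-list terminator")
        fields = body[:-1].split(b"\x00")[:-1]
        if len(fields) % 2:
            raise ValueError("parameter name without a value")
        msg["params"] = {k.decode(errors="replace"): v.decode(errors="replace")
                         for k, v in zip(fields[::2], fields[1::2])}
    return msg

def review(data: bytes, expected: str = "3.0") -> list:
    """Return findings worth logging for one first packet."""
    try:
        msg = parse_startup(data)
    except ValueError as exc:
        return [f"malformed startup packet: {exc}"]
    if msg["kind"] == "StartupMessage" and msg["protocol"] != expected:
        return [f"client requested protocol {msg['protocol']}, expected {expected}"]
    return []

def build_v3(params: dict) -> bytes:
    """Build a constructed protocol 3.0 startup packet for the samples below."""
    body = b"".join(k.encode() + b"\x00" + v.encode() + b"\x00"
                    for k, v in params.items()) + b"\x00"
    return struct.pack("!II", 8 + len(body), 3 << 16) + body

# Constructed sample packets (not captured traffic).
SAMPLE_V3 = build_v3({"user": "app", "database": "orders"})
SAMPLE_SSL = struct.pack("!II", 8, SSL_REQUEST_CODE)
SAMPLE_V2 = struct.pack("!II", 296, 2 << 16) + bytes(288)  # fixed-size 2.0 packet
```

Protocol 2.0 packets are only classified, not decoded, because their body is a fixed-width layout rather than name/value pairs.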
