From 91b858e1625a03b7208e51e851b0b7af9f88bc55 Mon Sep 17 00:00:00 2001
From: Shreya <shreya.malviya@gmail.com>
Date: Wed, 31 Mar 2021 12:13:49 +0530
Subject: [PATCH] Handle the case where the postgres connection is successful

---
 monkey/infection_monkey/network/postgresql_finger.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/monkey/infection_monkey/network/postgresql_finger.py b/monkey/infection_monkey/network/postgresql_finger.py
index aa5b89b66..999760432 100644
--- a/monkey/infection_monkey/network/postgresql_finger.py
+++ b/monkey/infection_monkey/network/postgresql_finger.py
@@ -45,6 +45,14 @@ class PostgreSQLFinger(HostFinger):
                              sslmode='prefer',
                              connect_timeout=MEDIUM_REQUEST_TIMEOUT)  # don't need to worry about DB name; creds are wrong, won't check
 
+            # if it comes here, the creds worked
+            # this shouldn't happen since capital letters are not supported in postgres usernames
+            # perhaps the service is a honeypot
+            host.services[self._SCANNED_SERVICE]['communication_encryption_details'] =\
+                f'The PostgreSQL server was unexpectedly accessible with the credentials - ' +\
+                'user: \'{self.CREDS['username']}\' and password: \'{self.CREDS['password']}\'. Is this a honeypot?'
+            return True
+
         except psycopg2.OperationalError as ex:
             # try block will throw an OperationalError since the credentials are wrong, which we then analyze
             try: