Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Application Setting file disclosure

By kannthu

High
Vidoc logoVidoc Module
#exposure#files
Description
Author: DhiyaneshDK,tess appsetting.json file discloses the DB connection strings containing sensitive information. Reference - https://twitter.com/hacker_/status/1518003548855930882?s=20&t=BVauK0yUjVl5yL7rwy0Eag Metadata verified: true

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/appsettings.json/appsettings.Product...
Matching conditions
word: ConnectionStringsand
word: application/jsonand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability