Module library
All modules
Visit vidocsecurity.com
Ethical Hacking Automation
Automate Recon and scanning process with Vidoc. All security teams in one place
Start for free
Application Setting file disclosure
By kannthu
High
Vidoc Module
#exposure
#files
Description
Author: DhiyaneshDK,tess appsetting.json file discloses the DB connection strings containing sensitive information.
Reference
- https://twitter.com/hacker_/status/1518003548855930882?s=20&t=BVauK0yUjVl5yL7rwy0Eag
Metadata
verified: true
Module preview
Concurrent Requests (1)
1. HTTP Request template
GET
/appsettings.json
/appsettings.Product...
Matching conditions
word: ConnectionStrings
and
word: application/json
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability