Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "application.yaml detection" module is designed to detect misconfigurations in the YAML files used by applications. It focuses on finding Application YAML files that often contain sensitive information. The severity of this module is classified as informative. This module targets applications that use YAML files for configuration.
This module helps identify potential misconfigurations in application YAML files, which can lead to security vulnerabilities. By detecting these misconfigurations, it allows developers and administrators to take appropriate actions to secure their applications and protect sensitive information.
The "application.yaml detection" module works by sending HTTP requests to specific paths commonly used for application YAML files, such as "/app.yaml", "/app.yml", "/application.yaml", and "/application.yml". It then applies matching conditions to identify misconfigurations. The matching conditions include:
- Checking for specific keywords in the YAML file, such as "runtime:", "spring:", "datasource:", "platform:", "server:", and "job:".
- Verifying that the HTTP response status is 200.
- Applying a DSL (Domain Specific Language) condition to ensure that the response body does not contain certain HTML or XML elements.

By combining these matching conditions, the module can effectively detect misconfigurations in application YAML files.
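The three matching conditions above, combined into one matcher and run over constructed sample responses, as an added example (this is not Vidoc's module definition or code). The candidate paths and keyword list come from the description; the exact HTML/XML markers the module's DSL condition checks are not given on the page, so the marker regex below is an assumption, and `fetch` is a stand-in for the HTTP request step:

```python
import re

# Paths commonly used for application YAML files (listed in the module description).
CANDIDATE_PATHS = ["/app.yaml", "/app.yml", "/application.yaml", "/application.yml"]

# Keywords whose presence suggests a real application YAML file (from the description).
KEYWORDS = ("runtime:", "spring:", "datasource:", "platform:", "server:", "job:")

# Assumption: the page only says "certain HTML or XML elements", so this is a
# constructed stand-in for the DSL condition. It rejects bodies that are really
# HTML/XML pages (catch-all 200 responses) even if they happen to contain a keyword.
HTML_XML_MARKERS = re.compile(r"<(?:!doctype|html|head|body|\?xml)", re.IGNORECASE)


def is_application_yaml(status: int, body: str) -> bool:
    """Return True only when all three matching conditions hold."""
    if status != 200:
        return False
    if not any(keyword in body for keyword in KEYWORDS):
        return False
    if HTML_XML_MARKERS.search(body):
        return False
    return True


def scan(fetch, paths=CANDIDATE_PATHS):
    """Apply the matcher to each candidate path.

    `fetch(path)` must return a (status, body) tuple; it is the only part that
    talks to a server, so it can be swapped for a real HTTP client when checking
    hosts you are responsible for. Returns the paths that look like exposed
    application YAML files.
    """
    return [path for path in paths if is_application_yaml(*fetch(path))]


# Constructed sample responses standing in for one host (not real data).
SAMPLE_RESPONSES = {
    # Real App Engine-style config: status 200, keyword present, no HTML -> match.
    "/app.yaml": (200, "runtime: python39\nhandlers:\n- url: /.*\n  script: auto\n"),
    # Missing file: status 404 -> rejected by the status condition.
    "/app.yml": (404, "<html><body>Not Found</body></html>"),
    # Catch-all HTML page that contains "server:" -> rejected by the DSL condition.
    "/application.yaml": (200, "<!DOCTYPE html><html><head><title>server: status</title></head></html>"),
    # Spring config with a datasource block -> match (this is the sensitive case).
    "/application.yml": (200, "spring:\n  datasource:\n    url: jdbc:postgresql://db/app\n"
                              "    username: app\n    password: PLACEHOLDER\n"),
}


def fake_fetch(path):
    """Offline stand-in for the HTTP GET step."""
    return SAMPLE_RESPONSES.get(path, (404, ""))


if __name__ == "__main__":
    for path in scan(fake_fetch):
        print("exposed application YAML detected at", path)
```

The third sample shows why the DSL condition exists: a server that answers every path with an HTML page would otherwise produce a false positive whenever the page text happens to contain one of the keywords.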
Example HTTP request:
GET /app.yaml
Note: The actual module definition is not shown here for simplicity. The provided example demonstrates the general concept of how the module works.