Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Atom Package SFTP - Deployment Configuration Disclosure

By kannthu

High
Vidoc logoVidoc Module
#sftp#atom#config#exposure
Description

What is the "Atom Package SFTP - Deployment Configuration Disclosure?"

The "Atom Package SFTP - Deployment Configuration Disclosure" module is designed to detect a specific misconfiguration vulnerability in the Atom Package SFTP plugin. This plugin is used for deploying files via SFTP in the Atom text editor. The severity of this vulnerability is classified as high.

This module was created by geeknik.

Impact

If exploited, this vulnerability could lead to the exposure of sensitive server details and credentials. The deployment configuration file, "deployment-config.json," contains information such as the host, username, password, and remote path. Unauthorized access to this file could potentially compromise the security of the SFTP server.

How the module works?

The module works by sending an HTTP GET request to the "/deployment-config.json" path. It then applies two matching conditions to determine if the vulnerability is present:

    - The first matching condition checks if the response body contains specific keywords related to the sensitive information stored in the deployment configuration file, such as "host," "username," "password," and "remotePath." If all of these keywords are found, the condition is met. - The second matching condition verifies if the HTTP response status code is 200, indicating a successful request. If the status code matches, the condition is met.

If both matching conditions are met, the module reports the vulnerability.

Example HTTP request:

GET /deployment-config.json

Note: The actual JSON definitions of the module are not shown here for simplicity.

For more information about the Atom Package SFTP plugin, you can visit the official package page.

Metadata:

verified: true

github-query: filename:deployment-config.json sftp

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/deployment-config.j...
Matching conditions
word: "host":, "username":, "password":, "remo...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability