Cakephp Configuration File Disclosure

By kannthu

Medium
Vidoc Module
#files #exposure #config
Description

What is the "Cakephp Configuration File Disclosure"?

The "Cakephp Configuration File Disclosure" module detects a misconfiguration in CakePHP applications. CakePHP is a popular PHP framework used for developing web applications. The module specifically targets exposed configuration files, such as phinx.yml and phinx.yaml, which may contain sensitive values like host, name, and password.

This module has a medium severity level, indicating that if exploited, it could potentially lead to unauthorized access or exposure of sensitive data.

Impact

If the CakePHP configuration files are exposed, an attacker could gain access to sensitive information, such as database credentials, API keys, or other configuration settings. This could lead to unauthorized access, data breaches, or other security incidents.

How does the module work?

The module sends HTTP requests to two specific paths, "/phinx.yml" and "/phinx.yaml", which are commonly used for storing CakePHP configuration files. It then applies matching conditions to determine whether the server responds with a 200 status code and whether the returned file contains sensitive information.

The matching conditions include checking for specific keywords like "host:", "name:", and "pass:" within the response body. If these keywords are found and the response status code is 200, the module flags the vulnerability as detected.

Here is an example of an HTTP request sent by the module:

GET /phinx.yml

The module expects the response to contain the specified keywords and a 200 status code to confirm the presence of the misconfiguration vulnerability.
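The matching logic described above, as an added example (not Vidoc's module code): module_matches applies the status and keyword conditions to constructed responses, and the hypothetical helper audit_webroot checks a deploy directory you own for files that would satisfy them. The function names, sample responses and directory layout are assumptions.

```python
from pathlib import Path

# Paths and keywords come from the module description above.
PROBE_NAMES = ("phinx.yml", "phinx.yaml")
KEYWORDS = ("host:", "name:", "pass:")


def module_matches(status, body):
    """Mirror the matcher: status 200 AND every keyword present in the body."""
    return status == 200 and all(word in body for word in KEYWORDS)


def audit_webroot(webroot):
    """Hypothetical defender-side helper: list Phinx config files sitting
    directly in a web-served directory whose contents would match."""
    findings = []
    for name in PROBE_NAMES:
        candidate = Path(webroot) / name
        if candidate.is_file():
            text = candidate.read_text(encoding="utf-8", errors="replace")
            if module_matches(200, text):  # a served static file returns 200
                findings.append(name)
    return findings


# Constructed sample data (not captured from any real host).
SAMPLE_PHINX = """\
environments:
  production:
    adapter: mysql
    host: db.internal.example
    name: app_db
    user: app
    pass: PLACEHOLDER
"""
SAMPLE_RESPONSES = {
    "exposed file": (200, SAMPLE_PHINX),
    "soft 404 page": (200, "<html><title>Not found</title></html>"),
    "blocked by server rule": (403, SAMPLE_PHINX),
    "partial keywords": (200, "host: example\nname: demo\n"),
}


def classify_samples():
    """Apply the matcher to each constructed response."""
    return {k: module_matches(s, b) for k, (s, b) in SAMPLE_RESPONSES.items()}


if __name__ == "__main__":
    for label, hit in classify_samples().items():
        print(f"{label:24} -> {'report' if hit else 'no match'}")
```

Only the first sample is reported: a 200 page without all three keywords, or a 403 from a deny rule, does not satisfy the matcher.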

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /phinx.yml, /phinx.yaml
Matching conditions
word: host:, name:, pass: (and)
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability