Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Config File Exposure

By kannthu

Medium
Vidoc logoVidoc Module
#config#exposure#files
Description

What is "Config File Exposure?"

The "Config File Exposure" module is designed to detect misconfigurations in the target software that may expose sensitive configuration files. It targets software that utilizes configuration files to store important settings and credentials. This module has a medium severity level and was authored by geeknik.

Impact

If a misconfiguration is detected, it could potentially expose sensitive information such as API keys, AWS credentials, and server configurations. This can lead to unauthorized access, data breaches, and other security risks.

How the module works?

The "Config File Exposure" module works by sending HTTP requests to specific paths commonly used for storing configuration files. It then applies matching conditions to determine if a misconfiguration is present. For example, it checks if the response contains specific keywords related to sensitive information, such as "api_keys", "aws", and "server". Additionally, it verifies that the HTTP response status is 200, indicating a successful request.

Here is an example of an HTTP request sent by the module:

GET /config/default.json

The module matches the response against the following conditions:

- The response must contain any of the specified keywords ("api_keys", "aws", "server") - The HTTP response status must be 200

If both conditions are met, the module identifies a misconfiguration and reports it as a vulnerability.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/config/default.json/config.json/config/config.json(+1 paths)
Matching conditions
word: "api_keys":, "aws":, "server":and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability