Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Config File Exposure" module is designed to detect misconfigurations in the target software that may expose sensitive configuration files. It targets software that utilizes configuration files to store important settings and credentials. This module has a medium severity level and was authored by geeknik.
If a misconfiguration is detected, it could potentially expose sensitive information such as API keys, AWS credentials, and server configurations. This can lead to unauthorized access, data breaches, and other security risks.
The "Config File Exposure" module works by sending HTTP requests to specific paths commonly used for storing configuration files. It then applies matching conditions to determine if a misconfiguration is present. For example, it checks if the response contains specific keywords related to sensitive information, such as "api_keys", "aws", and "server". Additionally, it verifies that the HTTP response status is 200, indicating a successful request.
Here is an example of an HTTP request sent by the module:
GET /config/default.json
The module matches the response against the following conditions:
- The response must contain any of the specified keywords ("api_keys", "aws", "server")
- The HTTP response status must be 200

If both conditions are met, the module identifies a misconfiguration and reports it as a vulnerability.
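The matching logic described above, re-implemented as an added example so a defender can run the same check against their own deployment or a captured response (this is not Vidoc's or the module author's code). It assumes the module performs a plain, case-sensitive substring match for each keyword and treats the status and keyword conditions as an AND; the sample responses below are constructed, and the `fetch` helper name and the `AKIA_PLACEHOLDER` value are hypothetical.

```python
"""Added example: the "Config File Exposure" matching rule in plain Python.

A response is flagged when BOTH hold:
  1. HTTP status is 200
  2. the body contains any of the keywords "api_keys", "aws", "server"
Assumption: keyword matching is a case-sensitive substring test.
"""
from dataclasses import dataclass
import json
import urllib.error
import urllib.request

KEYWORDS = ("api_keys", "aws", "server")   # keywords named on the page
PATH = "/config/default.json"              # request path named on the page


@dataclass
class Response:
    status: int
    body: str


def matched_keywords(resp: Response, keywords=KEYWORDS) -> list:
    """Keywords from `keywords` that occur in the body (substring, case-sensitive)."""
    return [k for k in keywords if k in resp.body]


def matches(resp: Response, keywords=KEYWORDS) -> bool:
    """True when status is 200 AND at least one keyword appears in the body."""
    if resp.status != 200:
        return False
    return bool(matched_keywords(resp, keywords))


def fetch(base_url: str, path: str = PATH, timeout: float = 5.0) -> Response:
    """Hypothetical helper: GET base_url + path against a host you administer.

    Non-2xx answers are returned as a Response too (urllib raises on them),
    so the caller can apply `matches` uniformly.
    """
    req = urllib.request.Request(base_url.rstrip("/") + path, method="GET")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as r:
            return Response(r.status, r.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as e:
        return Response(e.code, e.read().decode("utf-8", "replace"))


# Constructed sample responses (not captured from any real system).
SAMPLES = {
    # A real config file leaking an "aws" block: both conditions hold.
    "exposed": Response(200, json.dumps({
        "server": {"port": 8080},
        "aws": {"accessKeyId": "AKIA_PLACEHOLDER"},   # placeholder, not a real key
    })),
    # Ordinary 404: status condition fails.
    "not_found": Response(404, "<html>Not Found</html>"),
    # "Soft 404" served with 200 but no keyword: keyword condition fails.
    "soft_404": Response(200, "<html>Page not found</html>"),
    # Harmless JSON that still contains "server": shows the heuristic's
    # false-positive potential; it matches even though nothing sensitive is there.
    "benign_server_key": Response(200, '{"server": "localhost"}'),
}


def evaluate(samples=SAMPLES) -> dict:
    """Apply the rule to each sample; returns {name: flagged?}."""
    return {name: matches(r) for name, r in samples.items()}


if __name__ == "__main__":
    for name, flagged in evaluate().items():
        hit = matched_keywords(SAMPLES[name])
        print(f"{name:18s} status={SAMPLES[name].status} flagged={flagged} keywords={hit}")
```

The `benign_server_key` sample is the case to keep in mind when triaging results: because "server" is a very common configuration key, a 200 response with that word satisfies the rule without exposing anything secret, so a hit from this module is a prompt to inspect the returned file, not proof of a credential leak.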