Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Config Properties Exposure" module detects a specific misconfiguration in the target software: Java-style .properties configuration files left reachable over HTTP. It is rated high severity, because such files commonly carry database connection strings, passwords and API keys, so a single unauthenticated request can disclose working credentials.
Originally authored by j4vaovo and DhiyaneshDK, this module is part of the Vidoc platform's scanning capabilities.
The module flags each location where such a file is served. An exposed configuration file can give an attacker direct access to sensitive information or credentials; detecting it early lets the organization remove the file from the web root, restrict access and rotate any secrets it contained before they are abused.
The "Config Properties Exposure" module uses HTTP request templates combined with matching conditions. It sends an HTTP GET request to each of three paths on the target: "/config.properties", "/config.properties.bak" and "/ui_config.properties" (the ".bak" variant catches editor or deployment backups left beside the live file).
The module applies several matching conditions to a response and reports a finding only when all of them hold:
- Body Regex Matcher: Checks whether the response body contains patterns typical of sensitive properties, such as database connection strings or password entries.
- Header Word Matcher: Verifies that the response headers contain specific words, such as "text/plain" (a Content-Type value) or "bytes" (the usual Accept-Ranges value for a static file).
- Header Word Negative Matcher: Ensures that the response headers do not contain the word "text/html", which filters out HTML pages, including "soft 404" error pages that are served with status 200.
- Status Matcher: Confirms that the HTTP response status is 200 (OK).
Because the conditions are combined, a 200 response is not enough on its own: the body must look like a properties file, and the content type must not be HTML. This keeps the false-positive rate low on applications that answer every path with a generic page.
Here is an example of an HTTP request sent by the module:
GET /config.properties HTTP/1.1
Host: example.com
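The following is an added example, written for this page rather than taken from Vidoc or the module's authors, that re-implements the procedure above: probe the three listed paths, then apply the body-regex, header-word, negative header-word and status matchers and require all four to hold. The path list and the four matcher kinds come from the module description; the concrete regular expressions, the `Response` model, the `fetch` callback and the sample responses are assumptions chosen for illustration, and the sample responses are constructed, not captured from a real host. A small `.properties` parser is included so that, once the check fires, the keys that look like credentials can be listed for triage.

```python
"""Re-implementation of the Config Properties Exposure matching logic (added
example, not Vidoc's own code). The request paths and the four matcher kinds
come from the module description; the concrete regex list is an assumption."""
import re
from dataclasses import dataclass

# Paths the module probes, as listed on the page.
CANDIDATE_PATHS = ("/config.properties", "/config.properties.bak", "/ui_config.properties")

# ASSUMED illustrative patterns for "database connection strings or passwords";
# the module's real regex list is not reproduced on the page.
SENSITIVE_BODY_PATTERNS = (
    re.compile(r"(?im)^\s*[\w.\-]*(password|passwd|pwd|secret|api[_.\-]?key|token)[\w.\-]*\s*[=:]"),
    re.compile(r"(?im)^\s*[\w.\-]*(url|uri|datasource)[\w.\-]*\s*[=:]\s*jdbc:"),
)
HEADER_WORDS = ("text/plain", "bytes")        # positive header word matcher
NEGATIVE_HEADER_WORDS = ("text/html",)        # negative header word matcher
SENSITIVE_KEY = re.compile(r"(?i)(password|passwd|pwd|secret|api[_.\-]?key|token|jdbc|datasource)")


@dataclass
class Response:
    """Minimal HTTP response model: status code, headers, decoded body."""
    status: int
    headers: dict
    body: str


def _header_blob(headers):
    # Flatten "Name: value" lines, lower-cased, so word matchers are case-insensitive.
    return "\n".join(f"{k}: {v}" for k, v in headers.items()).lower()


def evaluate(resp):
    """Apply the four matchers; the module fires only when all of them hold."""
    blob = _header_blob(resp.headers)
    results = {
        "body_regex": any(p.search(resp.body) for p in SENSITIVE_BODY_PATTERNS),
        "header_word": any(w in blob for w in HEADER_WORDS),
        "header_negative": not any(w in blob for w in NEGATIVE_HEADER_WORDS),
        "status": resp.status == 200,
    }
    results["matched"] = all(results.values())
    return results


def sensitive_keys(body):
    """Parse Java .properties text (key=value or key: value, '#'/'!' comments)
    and return the keys whose names look like credentials or DB connection
    settings, for triage once the module has fired."""
    keys = []
    for raw in body.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        m = re.match(r"([^=:\s]+)\s*[=:]", line)
        if m and SENSITIVE_KEY.search(m.group(1)):
            keys.append(m.group(1))
    return keys


def scan(fetch):
    """Probe every candidate path with a caller-supplied fetch(path) -> Response
    (hypothetical callback, e.g. wrapping an HTTP client) and return the paths
    whose response satisfies all matchers."""
    return [p for p in CANDIDATE_PATHS if evaluate(fetch(p))["matched"]]


# Constructed sample responses (not captured from any real target).
EXPOSED = Response(200, {"Content-Type": "text/plain", "Accept-Ranges": "bytes"},
                   "# app settings\nspring.datasource.url=jdbc:mysql://db:3306/app\n"
                   "spring.datasource.username=app\nspring.datasource.password=Sup3rSecret!\n"
                   "api.key = abc123\n")
# A "soft 404": HTML error page returned with status 200 and a range header.
SOFT_404 = Response(200, {"Content-Type": "text/html; charset=utf-8", "Accept-Ranges": "bytes"},
                    "<html><body>Not found</body></html>")
HARD_404 = Response(404, {"Content-Type": "text/plain"}, "Not Found")

if __name__ == "__main__":
    for name, r in (("exposed", EXPOSED), ("soft_404", SOFT_404), ("hard_404", HARD_404)):
        print(name, evaluate(r))
    print(sensitive_keys(EXPOSED.body))
    print(scan(lambda p: EXPOSED if p == "/config.properties" else HARD_404))
```

Running the block shows why the negative matcher matters: the soft-404 response passes the status and header-word checks (200, "bytes") and is rejected only because "text/html" appears in its headers, while the genuine properties file passes all four conditions and `sensitive_keys` then lists the JDBC URL, username, password and API key entries that need rotating.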
Any file reported by this module should be treated as already disclosed: remove it from the web root or block access to it at the web server, and rotate every credential, key or connection string it contained, since access logs rarely prove that nobody else fetched it first.