Credentials File Disclosure

By kannthu

Severity: Medium
Vidoc Module
Tags: #google #secret #exposure #files
Description

What is "Credentials File Disclosure"?

The "Credentials File Disclosure" module is designed to detect the exposure of sensitive credentials files on a target website. It specifically targets the Google platform and aims to identify instances where files containing client secrets and client IDs are publicly accessible. This module has a medium severity level and was authored by ritikchaddha.

Impact

If a credentials file is exposed, it can potentially lead to unauthorized access to sensitive information and compromise the security of the Google account associated with the exposed credentials. This can result in various security risks, including data breaches, unauthorized access to user accounts, and potential misuse of confidential information.

How does the module work?

The "Credentials File Disclosure" module works by sending HTTP requests to specific paths on the target website, such as "/credentials.json" and "/assets/credentials.json". It then applies matching conditions to determine if the credentials file is exposed. The matching conditions include checking for the presence of specific keywords like "client_secret" and "client_id" within the response body and verifying that the HTTP status code is 200 (OK).

For example, if the module sends a GET request to "/credentials.json" and the response body contains the keywords "client_secret" and "client_id", and the HTTP status code is 200, it indicates that the credentials file is exposed.

By detecting the exposure of credentials files, this module helps identify potential security vulnerabilities and allows for timely remediation to prevent unauthorized access and data breaches.
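The matching logic described above, written out as an added example for triaging findings on sites you operate (this is not the Vidoc module's own code). It goes one step beyond the module's keyword check by parsing the body as JSON; the "installed"/"web" layout of a Google OAuth client file, the function names and the sample responses are assumptions of this example, and the samples are constructed.

```python
import json

WORDS = ['"client_secret":', '"client_id":']  # matcher words from the module preview


def module_match(status, body):
    """The page's matcher: status 200 AND every keyword present in the body."""
    return status == 200 and all(w in body for w in WORDS)


def confirm_oauth_client(body):
    """Assumed extra triage step: parse the JSON and look for a Google OAuth
    client object under "installed" or "web". Returns the client_id only."""
    try:
        doc = json.loads(body)
    except ValueError:
        return None
    for kind in ("installed", "web"):
        client = doc.get(kind) if isinstance(doc, dict) else None
        if isinstance(client, dict) and client.get("client_id") and client.get("client_secret"):
            return client["client_id"]  # never echo the secret into a report
    return None


def triage(responses):
    """responses: iterable of (path, status, body) -> list of (path, verdict)."""
    results = []
    for path, status, body in responses:
        if not module_match(status, body):
            verdict = "no match"
        elif (cid := confirm_oauth_client(body)):
            verdict = f"exposed OAuth client {cid}: remove file, rotate secret"
        else:
            verdict = "keyword match only, review manually"
        results.append((path, verdict))
    return results


# Constructed sample responses (placeholder values, not real credentials).
SAMPLES = [
    ("/credentials.json", 200, json.dumps({"installed": {
        "client_id": "EXAMPLE-ID.apps.googleusercontent.com",
        "client_secret": "EXAMPLE-SECRET"}})),
    ("/assets/credentials.json", 200,
     '<html><pre>{"client_secret": "...", "client_id": "..."}</pre></html>'),
    ("/credentials.json", 404, '{"client_secret": "x", "client_id": "y"}'),
]
for path, verdict in triage(SAMPLES):
    print(path, "->", verdict)
```

The second sample shows why a keyword-only match needs review: a documentation page served with status 200 satisfies the module's conditions without being a credentials file.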

Module preview

Concurrent Requests (1)

1. HTTP Request template
   GET /credentials.json, /assets/credentials....

   Matching conditions
   word: "client_secret":, "client_id": (and)
   status: 200

Passive global matcher
No matching conditions.

On match action
Report vulnerability