By kannthu
The "DBeaver - Credentials Discovery" module is designed to detect the presence of exposed credentials in DBeaver, a popular database management tool. This module focuses on identifying misconfigurations that could potentially lead to unauthorized access to sensitive information. It is categorized as a medium severity module.
If this module detects exposed credentials in DBeaver, it indicates a potential security risk. Unauthorized individuals may gain access to sensitive data, which can lead to data breaches, unauthorized modifications, or other malicious activities.
The "DBeaver - Credentials Discovery" module works by sending an HTTP GET request to the path "/.dbeaver/credentials-config.json" in the target DBeaver instance. It then applies a series of matching conditions to determine if exposed credentials are present.
The matching conditions include:
- Checking if the HTTP response status is 200
- Verifying if the response header contains the word "application/octet-stream"
- Evaluating if the response body length is greater than 2
- Ensuring that the response body does not contain the strings "
If all the matching conditions are met, the module reports a vulnerability, indicating the presence of exposed credentials in DBeaver.
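
The four matching conditions above, written as an added example (not the module's own code) that evaluates them against an already-captured response and names the conditions that failed. The excluded body strings are cut off on this page, so `EXCLUDED_MARKERS` holds hypothetical placeholders; the function names and sample responses are constructed for illustration.

```python
"""Evaluate the module's four matching conditions against one HTTP response."""

PROBE_PATH = "/.dbeaver/credentials-config.json"  # path given on the page

# The page's list of excluded body strings is truncated, so these values are
# hypothetical placeholders; substitute the module's real strings.
EXCLUDED_MARKERS = ("<placeholder-marker-1>", "<placeholder-marker-2>")


def failed_conditions(status, headers, body, excluded=EXCLUDED_MARKERS):
    """Return the names of the conditions that did not hold (empty list = match)."""
    failed = []
    if status != 200:
        failed.append("status")
    # The condition is on the response header as a whole, so search all
    # header lines; case-insensitive comparison is an assumption made here.
    header_text = "\n".join(f"{k}: {v}" for k, v in headers.items()).lower()
    if "application/octet-stream" not in header_text:
        failed.append("header")
    # A body of two bytes or fewer (for example "{}") carries no credentials.
    if len(body) <= 2:
        failed.append("length")
    text = body.decode("utf-8", errors="replace")
    if any(marker in text for marker in excluded):
        failed.append("excluded-string")
    return failed


def is_reported(status, headers, body, excluded=EXCLUDED_MARKERS):
    """True only when every condition holds, i.e. the module would report."""
    return not failed_conditions(status, headers, body, excluded)


# Constructed sample responses: (status, headers, body).
OCTET = {"Content-Type": "application/octet-stream"}
SAMPLES = {
    "exposed file": (200, OCTET, bytes(range(16))),
    "empty object": (200, OCTET, b"{}"),
    "not found": (404, {"Content-Type": "text/html"}, b"Not Found"),
    "catch-all page": (200, OCTET, b"<placeholder-marker-1> landing page"),
}

if __name__ == "__main__":
    for name, (status, headers, body) in SAMPLES.items():
        verdict = "REPORT" if is_reported(status, headers, body) else "skip"
        print(f"{name:15} {verdict:6} failed={failed_conditions(status, headers, body)}")
```

Running the same function over responses from your own web server for `PROBE_PATH` shows which condition, if any, keeps a finding from being reported.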