Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

DBeaver - Credentials Discovery

By kannthu

Medium
Vidoc logoVidoc Module
#exposure#dbeaver
Description

What is "DBeaver - Credentials Discovery?"

The "DBeaver - Credentials Discovery" module is designed to detect the presence of exposed credentials in DBeaver, a popular database management tool. This module focuses on identifying misconfigurations that could potentially lead to unauthorized access to sensitive information. It is categorized as a medium severity module.

Impact

If this module detects exposed credentials in DBeaver, it indicates a potential security risk. Unauthorized individuals may gain access to sensitive data, which can lead to data breaches, unauthorized modifications, or other malicious activities.

How the module works?

The "DBeaver - Credentials Discovery" module works by sending an HTTP GET request to the path "/.dbeaver/credentials-config.json" in the target DBeaver instance. It then applies a series of matching conditions to determine if exposed credentials are present.

The matching conditions include:

- Checking if the HTTP response status is 200 - Verifying if the response header contains the word "application/octet-stream" - Evaluating if the response body length is greater than 2 - Ensuring that the response body does not contain the strings "If all the matching conditions are met, the module reports a vulnerability, indicating the presence of exposed credentials in DBeaver.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/.dbeaver/credential...
Matching conditions
status: 200and
word: application/octet-streamand
dsl: len(body) > 2and
dsl: !contains(toLower(body), `<html`), !cont...
Passive global matcher
No matching conditions.
On match action
Report vulnerability