Directory Listing via DS_Store

By kannthu

Informative
Vidoc Module
#exposure#files
Description

What is "Directory Listing via DS_Store"?

The "Directory Listing via DS_Store" module detects a web-server misconfiguration that can expose file and directory names. It targets the .DS_Store file, a hidden file that macOS Finder writes into every folder it displays to store that folder's view settings (icon positions, window size, sort order). Because Finder keys those settings by file name, the file also contains the names of the entries in the folder. When a developer copies a project folder from a Mac to the web root, the .DS_Store comes along and is served like any other static file.

This module has an informative severity level: a hit is a reconnaissance finding that helps an attacker map the target, not an exploitable vulnerability in itself.

This module was authored by 0w4ys.

Impact

If the .DS_Store file is downloadable, it reveals the names of the files and subdirectories that were in that directory when Finder last wrote it, including entries that are not linked from any page, such as backups, configuration files, old versions or administrative scripts. Subdirectory names found this way can be fed back into the same check (/subdir/.DS_Store) to walk the tree one level at a time. This information can be used for further reconnaissance or targeted attacks.

How does the module work?

The "Directory Listing via DS_Store" module sends a GET request to the "/.DS_Store" path on the target web server. It then applies a series of matching conditions to determine if the DS_Store file is exposed.

The matching conditions include:

- Body: the response body contains the byte sequence "\u0000@\u0000" (NUL, "@", NUL). This run is characteristic of the binary .DS_Store layout and essentially never occurs in an HTML or text body, so it is the check that actually identifies the file. The module preview shows it as "@" because the NUL bytes are not printable.
- Status: the response status code is 200 (OK).
- Headers: either "Accept-Ranges: bytes" or "octet-stream" is present. Both are typical of a server handing out a static file as a download (no content type is registered for .DS_Store, so it falls back to application/octet-stream) rather than rendering a page.

If all three conditions are met, the module reports a finding. The status and header checks on their own are weak evidence: many applications answer 200 with a catch-all page for any path, and Accept-Ranges: bytes accompanies almost any static file, so the body check is what keeps the module from flagging soft-404 pages.

Example HTTP request:

GET /.DS_Store HTTP/1.1
Host: example.com

Please note that the actual HTTP request may contain additional headers or parameters depending on the target configuration.
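The following is an added example, not the Vidoc module's own implementation: it reproduces the three matching conditions above on a captured response and, on a hit, pulls the directory entry names out of the .DS_Store body, which is what a tester actually wants from this finding. The record layout it parses (a length-prefixed UTF-16BE name, a 4-byte structure id, a 4-byte data type, then a payload) follows the public reverse engineering of the format and is an assumption here; the sample response bytes are constructed for the example, not captured from a real host.

```python
"""Reproduce the module's matching conditions on an HTTP response and, on a
hit, recover the directory entry names from the .DS_Store body.

Example code added for this page; it is not the Vidoc module's own code.
The .DS_Store record layout below is taken from public reverse engineering
of the format and is an assumption; the sample response is constructed.
"""
import struct

# The "\u0000@\u0000" body word the module matches on: NUL, '@' (0x40), NUL.
MARKER = b"\x00@\x00"

# Record payload sizes by 4-byte data type; blob/ustr carry a uint32 length.
FIXED_TYPES = {b"long": 4, b"shor": 4, b"bool": 1, b"type": 4, b"comp": 8, b"dutc": 8}
LENGTH_PREFIXED = {b"blob", b"ustr"}


def matches_module(status, headers, body):
    """The module's three conditions, AND-ed: marker in body, status 200,
    and a download-style header. Header matching is case-insensitive here
    (a literal "Accept-Ranges: bytes" would miss servers that send
    lowercase header names, as HTTP/2 does)."""
    flat = "\r\n".join(f"{k}: {v}" for k, v in headers.items()).lower()
    header_hint = "accept-ranges: bytes" in flat or "octet-stream" in flat
    return MARKER in body and status == 200 and header_hint


def _record_at(buf, off):
    """Parse one record if a plausible one starts at `off`:
    uint32 name length (UTF-16 units) | name, UTF-16BE | 4-byte struct id |
    4-byte data type | payload. Returns (name, end_offset) or None."""
    if off + 4 > len(buf):
        return None
    n = struct.unpack(">I", buf[off:off + 4])[0]
    if not 1 <= n <= 255:
        return None
    p = off + 4
    if p + 2 * n + 8 > len(buf):
        return None
    try:
        name = buf[p:p + 2 * n].decode("utf-16-be")
    except UnicodeDecodeError:
        return None
    if not name.isprintable() or "/" in name:
        return None
    p += 2 * n
    struct_id, dtype = buf[p:p + 4], buf[p + 4:p + 8]
    p += 8
    if not struct_id.isalnum():
        return None
    if dtype in FIXED_TYPES:
        end = p + FIXED_TYPES[dtype]
    elif dtype in LENGTH_PREFIXED:
        if p + 4 > len(buf):
            return None
        length = struct.unpack(">I", buf[p:p + 4])[0]
        end = p + 4 + (2 * length if dtype == b"ustr" else length)
    else:
        return None
    return (name, end) if end <= len(buf) else None


def extract_entries(body):
    """Byte-wise scan for records; returns the sorted unique entry names.
    A scan, not a walk of the file's B-tree: it tolerates truncated
    downloads and is enough for recon, where the names are the point.
    Records named "." describe the folder itself and are skipped."""
    names, off = set(), 0
    while off < len(body):
        rec = _record_at(body, off)
        if rec is None:
            off += 1
            continue
        if rec[0] != ".":
            names.add(rec[0])
        off = rec[1]
    return sorted(names)


def assess(status, headers, body):
    """Combine the module's verdict with the recon value of a hit."""
    hit = matches_module(status, headers, body)
    return {"exposed": hit, "entries": extract_entries(body) if hit else []}


# --- constructed sample (not a real .DS_Store) ---------------------------
def _rec(name, struct_id, dtype, payload):
    """Serialise one record in the layout _record_at expects."""
    u = name.encode("utf-16-be")
    out = struct.pack(">I", len(u) // 2) + u + struct_id + dtype
    if dtype == b"blob":
        return out + struct.pack(">I", len(payload)) + payload
    if dtype == b"ustr":
        return out + struct.pack(">I", len(payload) // 2) + payload
    return out + payload


SAMPLE_BODY = (
    b"\x00\x00\x00\x01Bud1"                                  # real files open with this
    + b"\x00\x00\x10\x00\x00\x00\x08\x00\x00\x00\x10\x00"     # header fields, typical values
    + b"\x00\x00\x00\x01\x00\x00\x00\x40\x00\x00\x00\x01"     # filler carrying the NUL @ NUL marker
    + b"DSDB"
    + _rec(".", b"bwsp", b"blob", b"bplist00")
    + _rec("admin", b"Iloc", b"blob", b"\x00" * 16)
    + _rec("backup.sql", b"Iloc", b"blob", b"\x00" * 16)
    + _rec("backup.sql", b"dscl", b"bool", b"\x01")
    + _rec("index.php", b"Iloc", b"blob", b"\x00" * 16)
)
SAMPLE_HEADERS = {"content-type": "application/octet-stream", "accept-ranges": "bytes"}

# A soft-404: 200 with the same headers but an HTML body. Only the body
# marker keeps this from being reported.
SOFT_404_BODY = b"<html><body>Not found</body></html>"

if __name__ == "__main__":
    print(assess(200, SAMPLE_HEADERS, SAMPLE_BODY))
    print(assess(200, SAMPLE_HEADERS, SOFT_404_BODY))
```

Against a real target, save the raw body and headers (for example with curl -s -D headers.txt -o ds.bin https://example.com/.DS_Store) and pass them to assess(); the names it returns are the candidates to request next, and any that are directories get their own /.DS_Store check.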

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /.DS_Store
Matching conditions
word (body): \u0000@\u0000 and
status: 200 and
word (header): Accept-Ranges: bytes, octet-stream
Passive global matcher
No matching conditions.
On match action
Report vulnerability