docker-compose.yml exposure

By kannthu

Medium
Vidoc Module
#config #exposure #devops
Description

What is "docker-compose.yml exposure"?

The "docker-compose.yml exposure" module is designed to detect misconfigurations in Docker Compose files. Docker Compose is a tool used for defining and running multi-container Docker applications. This module specifically targets the Docker Compose configuration files and checks for specific patterns and conditions to identify potential vulnerabilities.

This module has a medium severity level, indicating that the detected misconfigurations could potentially lead to security issues if left unaddressed.

The original authors of this module are meme-lord, blckraven, and geeknik.

Impact

If misconfigurations are found in the Docker Compose files, they could lead to various security risks. These risks may include unauthorized access to sensitive data, exposure of internal services to the public, or the potential for attackers to exploit vulnerabilities in the deployed containers.

How does the module work?

The "docker-compose.yml exposure" module works by analyzing the content of Docker Compose files and applying specific matching conditions to identify misconfigurations. It sends HTTP requests to various paths commonly used for Docker Compose files, such as "/docker-compose.yml" and "/docker-compose.prod.yml".

One example of a matching condition used by this module is a regular expression check for the presence of the "version:" keyword followed by the "services:" keyword in the file's body. Additionally, it verifies that the HTTP response status is 200, indicating a successful request.

By combining these matching conditions, the module can identify potential misconfigurations in Docker Compose files and report them as vulnerabilities.
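The matching logic described above, written out as an added example for checking your own hosts (this is not Vidoc's module code). The `services:` half of the condition is assumed from the prose because the preview truncates it, and `looks_like_compose` and `audit` are hypothetical helpers of this example; the broader check exists because current Compose files may omit the top-level `version:` key, which the described matcher would miss.

```python
import re
import urllib.error
import urllib.request

# Paths named on the page; the module's remaining paths are truncated there.
PATHS = ["/docker-compose.yml", "/docker-compose.prod.yml"]

def page_matcher(status, body):
    """Condition described on the page: status 200, body starts with
    'version: ' and contains 'services:' (second half assumed from the prose)."""
    return (status == 200 and re.search(r"^version: ", body) is not None
            and "services:" in body)

def looks_like_compose(status, body):
    """Broader check (an assumption of this example): a top-level 'services:'
    key on its own line, so files without 'version:' are still caught."""
    return status == 200 and re.search(r"(?m)^services:\s*$", body) is not None

def audit(base_url, timeout=5):
    """Request each path on a host you operate and return the paths that
    serve something that looks like a Compose file."""
    exposed = []
    for path in PATHS:
        url = base_url.rstrip("/") + path
        try:
            with urllib.request.urlopen(url, timeout=timeout) as resp:
                body = resp.read(65536).decode("utf-8", "replace")
                if page_matcher(resp.status, body) or looks_like_compose(resp.status, body):
                    exposed.append(path)
        except (urllib.error.URLError, OSError):
            continue  # 403/404 or connection failure: nothing served at this path
    return exposed

# Constructed sample responses (not captured from any real host).
LEGACY = 'version: "3.8"\nservices:\n  db:\n    image: postgres\n'
MODERN = "services:\n  web:\n    image: nginx\n"
SOFT_404 = "<html><body>Page not found</body></html>"

if __name__ == "__main__":
    samples = {"legacy": (200, LEGACY), "modern": (200, MODERN),
               "soft-404": (200, SOFT_404), "forbidden": (403, LEGACY)}
    for name, (status, body) in samples.items():
        print(name, page_matcher(status, body), looks_like_compose(status, body))
```

A soft-404 page that returns status 200 matches neither check, which is why the module pairs the status test with a content test rather than relying on the status code alone.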

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /docker-compose.yml, /docker-compose.prod..., /docker-compose.prod... (+4 paths)
Matching conditions
dsl: regex("^version: ", body) && contains(bo...
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability