Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Dockerrun AWS Configuration Exposure

By kannthu

Medium
Vidoc logoVidoc Module
#config#exposure#aws#devops
Description

What is the "Dockerrun AWS Configuration Exposure" module?

The "Dockerrun AWS Configuration Exposure" module is designed to detect misconfigurations in the AWS configuration of Docker containers. It targets the Dockerrun.aws.json file, which is used to define the configuration of Docker containers in AWS Elastic Beanstalk.

This module has a severity level of medium, indicating that the detected misconfigurations could potentially lead to security vulnerabilities or operational issues.

This module was authored by pdteam.

Impact

If misconfigurations are detected in the AWS configuration of Docker containers, it could expose sensitive information or lead to insecure deployments. This could potentially result in unauthorized access, data breaches, or disruption of services.

How does the module work?

The "Dockerrun AWS Configuration Exposure" module works by sending HTTP requests to the Dockerrun.aws.json file and applying matching conditions to identify specific keywords. It looks for the presence of the AWSEBDockerrunVersion and containerDefinitions keywords within the file.

Here is an example of an HTTP request sent by the module:

GET /Dockerrun.aws.json

The module uses the following matching conditions:

- Part: all - Type: word - Words: AWSEBDockerrunVersion, containerDefinitions - Negative: false - Condition: and

The module matches the keywords using the "and" condition, meaning that both keywords must be present in the file for a match to occur.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/Dockerrun.aws.json
Matching conditions
word: AWSEBDockerrunVersion, containerDefiniti...
Passive global matcher
No matching conditions.
On match action
Report vulnerability