Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Dozzle - Logs Exposure

By kannthu

Medium
Vidoc logoVidoc Module
#exposure#logs#dozzle#docker
Description

What is "Dozzle - Logs Exposure"?

Dozzle - Logs Exposure is a module designed to detect the exposure of Docker logs through the Dozzle application. It targets instances where the Dozzle application is misconfigured, allowing unauthorized access to container logs. This module has a medium severity level.

Author: theabhinavgaur

Impact

If the Dozzle application is misconfigured and allows unauthorized access to container logs, it can lead to the exposure of sensitive information. This can potentially result in a breach of confidentiality and compromise the security of the Docker environment.

How does the module work?

The module works by sending HTTP requests to the target and matching the responses against specific conditions. It checks if the response body contains the phrase "authorizationNeeded": "false" and the word "Dozzle". Additionally, it verifies that the response status is 200.

Example HTTP request:

GET / HTTP/1.1
Host: example.com

The module matches the conditions using logical AND, meaning all conditions must be met for a positive match.

Module preview

Concurrent Requests (0)
Passive global matcher
word: "authorizationNeeded": "false", Dozzleand
status: 200
On match action
Report vulnerability