
Drone - Configuration Detection

By kannthu

Severity: High
Vidoc Module
#config #exposure #drone
Description

What is "Drone - Configuration Detection?"

The "Drone - Configuration Detection" module detects a Drone pipeline definition (`.drone.yml`) that is reachable over HTTP at the web root of a target. Drone is an open-source continuous integration and delivery platform that builds, tests and deploys applications; each repository it builds carries a `.drone.yml` file in its root describing the pipeline. That file is meant for the Drone server, not for the public. When a web server answers requests for `/.drone.yml`, the repository (or a build checkout of it) has usually been deployed as the document root, and the pipeline definition is exposed to anyone who asks for it.

The module is classified as high severity because an exposed pipeline definition is an information disclosure that directly supports follow-on attacks against the build and deployment chain, as described under Impact.

Impact

An exposed `.drone.yml` tells an attacker how the application is built and shipped: the pipeline steps and the shell commands they run, the container images and plugins each step uses, registry and deployment targets, internal hostnames and paths, trigger rules and branch names. Secret values themselves are not stored in the file (Drone injects them at run time via `from_secret` references), but the file does reveal the names of the secrets the pipeline depends on, which is exactly the inventory an attacker wants before targeting the CI server, the registry or the deploy credentials. Beyond the leak itself, a `.drone.yml` served from the web root is a strong sign that the whole repository, including other dotfiles and source, is being served too. Any finding from this module should be treated as a deployment error to fix promptly: stop serving the repository root, and review what else in that directory was reachable.

How does the module work?

The "Drone - Configuration Detection" module uses a single HTTP request and a set of matching conditions. It sends a GET request for the "/.drone.yml" path, which is where a Drone pipeline definition would be served if the repository root is exposed as the web root.

Two matchers are applied, and both must pass. First, a word matcher checks that the response body contains all three of the keywords "kind:", "name:" and "steps:" (the matcher's own condition is "and", so a body with only one or two of them does not match). These keywords are the top-level keys of a Drone 1.x pipeline definition (`kind: pipeline`, `name: <pipeline name>`, `steps:`), so requiring all three avoids matching unrelated files that merely mention one of them. Second, a status matcher checks that the response status is 200, so that a 404 page or a redirect to a login form that happens to echo the keywords is not reported.

If both matchers pass, the module reports a vulnerability: a Drone pipeline definition is exposed at the web root.

For example, the module sends the following HTTP request:

GET /.drone.yml

The module then checks that the response status is 200 and that the body contains all of "kind:", "name:" and "steps:".

A practical caveat: some applications answer every path with a 200 and a catch-all HTML page. The three-keyword requirement makes that a rare false positive here, but when a scan reports this module against such a site it is worth eyeballing the response body to confirm it is YAML and not a front-end shell.
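The check above re-implemented in Python, as an added example that is not the Vidoc module's own code. It reproduces the two AND-ed matchers (status 200, all three keywords), adds one extra guard the original module does not have (rejecting bodies that are plainly HTML, to cover catch-all pages), and then extracts from a matching body what an attacker actually learns from it: container images and the names of referenced secrets. The sample `.drone.yml` embedded below is constructed for the example, not taken from any real target; the helper names `matches`, `looks_like_html`, `summarize_exposure`, `fetch` and `check` are this example's own.

```python
# Added example: standard-library re-implementation of the
# "Drone - Configuration Detection" logic, plus a post-match summary.
import re
import urllib.error
import urllib.request
from typing import Optional, Tuple

# Keywords the module's word matcher requires; all three must be present (condition: and).
REQUIRED_WORDS = ("kind:", "name:", "steps:")


def matches(status: int, body: str, required=REQUIRED_WORDS) -> bool:
    """The module's two matchers, AND-ed: HTTP 200 and every keyword present in the body."""
    return status == 200 and all(word in body for word in required)


def looks_like_html(body: str) -> bool:
    """Extra guard, not part of the original module: catch-all pages that answer 200
    with HTML for any path are a common false-positive source for content matchers."""
    head = body.lstrip()[:64].lower()
    return head.startswith("<!doctype") or head.startswith("<html")


def summarize_exposure(body: str) -> dict:
    """What an attacker learns from an exposed pipeline definition:
    the images/plugins used by each step and the names of secrets the pipeline references.
    Secret values are never in the file (Drone injects them via from_secret), only the names."""
    images = re.findall(r"^\s*image:\s*['\"]?([^\s'\"]+)", body, re.M)
    secrets = re.findall(r"from_secret:\s*['\"]?([^\s'\"]+)", body, re.M)
    return {"images": sorted(set(images)), "secrets": sorted(set(secrets))}


def fetch(base_url: str, timeout: float = 5.0) -> Tuple[int, str]:
    """Issue the module's request, GET <base>/.drone.yml, returning (status, body).
    urllib raises on 4xx/5xx, so those are caught and their status code kept."""
    url = base_url.rstrip("/") + "/.drone.yml"
    req = urllib.request.Request(url, headers={"User-Agent": "drone-config-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as resp:
            return resp.status, resp.read().decode("utf-8", errors="replace")
    except urllib.error.HTTPError as err:
        return err.code, err.read().decode("utf-8", errors="replace")


def check(base_url: str) -> Optional[dict]:
    """Run the detection against a live target; None means no finding."""
    status, body = fetch(base_url)
    if not matches(status, body) or looks_like_html(body):
        return None
    return summarize_exposure(body)


# Constructed sample of an exposed Drone 1.x pipeline definition (example data only).
SAMPLE_DRONE_YML = """\
kind: pipeline
type: docker
name: default

steps:
  - name: build
    image: golang:1.21
    commands:
      - go build ./...
  - name: publish
    image: plugins/docker
    settings:
      repo: registry.internal.example/app
      username:
        from_secret: registry_user
      password:
        from_secret: registry_password
"""

if __name__ == "__main__":
    import sys

    if len(sys.argv) > 1:
        # Usage: python drone_check.py https://target.example
        print(check(sys.argv[1]))
    else:
        # Offline demonstration against the constructed sample.
        print("match:", matches(200, SAMPLE_DRONE_YML))
        print("exposed:", summarize_exposure(SAMPLE_DRONE_YML))
```

Run it with a base URL to scan one host, or with no arguments to see the matcher and the exposure summary applied to the embedded sample. The summary is the part worth keeping in a report: a list of secret names and an internal registry hostname turns "a YAML file is exposed" into a concrete statement of what the attacker now knows.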

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /.drone.yml
Matching conditions (all must pass)
word: kind:, name:, steps: (condition: and)
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability