
Exposed appsettings.json

By kannthu

High
Vidoc Module
#exposure #misconfiguration
Description

What is the "Exposed appsettings.json" module?

The "Exposed appsettings.json" module is designed to detect a publicly reachable appsettings.json file on a web application. This module targets web servers and aims to identify instances where sensitive information, such as database connection strings, logging configuration, and allowed hosts, is exposed. The severity of this module is classified as high, indicating the potential for significant security risk if the file is exposed. The original author of this module is not specified.

Impact

If misconfigurations are detected in the appsettings.json file, it can lead to the exposure of sensitive information. This can include database credentials, which can be exploited by attackers to gain unauthorized access to the database. Additionally, exposed logging configurations can provide valuable insights to attackers, allowing them to better understand the application's behavior and potentially exploit vulnerabilities. Furthermore, knowledge of allowed hosts can aid attackers in bypassing security measures and launching attacks against the web application.

How does the module work?

The "Exposed appsettings.json" module works by sending an HTTP GET request to the "/appsettings.json" path of the target web server. It then applies a series of matching conditions to determine if misconfigurations are present. The matching conditions include:

- Checking the response body for specific keywords such as "Logging", "AllowedHosts", and "ConnectionStrings". If any of these keywords are found, it indicates the presence of sensitive information in the appsettings.json file.
- Verifying that the HTTP response status is 200, indicating a successful request.
- Inspecting the response headers for the presence of the "application/json" content type, which suggests that the appsettings.json file is being returned.

If all of these matching conditions are met, the module reports a vulnerability, indicating the presence of misconfigurations in the appsettings.json file.
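The following script re-implements the three matching conditions described above so that an application owner can self-check a deployment or reason about false positives. It is an added example, not Vidoc's own module code; the response objects, keyword list and sample responses are constructed here for offline use, and the `fetch` helper is an assumed convenience for running the same logic against a host you operate. The constructed samples go a little beyond the text by showing the cases that must not match: a single-page app that answers 200 with HTML for unknown paths, a 404, and a public JSON config with none of the sensitive keys.

```python
"""Offline re-implementation of the "Exposed appsettings.json" detection logic.

Added example, not Vidoc's code. Assumes exactly the page's three conditions:
a sensitive keyword in the body, HTTP 200, and an application/json Content-Type.
"""
import json
from dataclasses import dataclass
from typing import Optional
from urllib.error import HTTPError, URLError
from urllib.request import Request, urlopen

# Keywords the module looks for in the response body (taken from the page).
KEYWORDS = ("Logging", "AllowedHosts", "ConnectionStrings")
PATH = "/appsettings.json"


@dataclass
class Response:
    """Minimal HTTP response shape so the logic runs without a network."""
    status: int
    headers: dict
    body: str


def header(headers: dict, name: str) -> str:
    """Case-insensitive header lookup (HTTP header names are case-insensitive)."""
    for key, value in headers.items():
        if key.lower() == name.lower():
            return value
    return ""


def is_exposed(resp: Response) -> bool:
    """Apply the module's three conditions; all of them must hold."""
    keyword_hit = any(k in resp.body for k in KEYWORDS)
    status_ok = resp.status == 200
    json_type = "application/json" in header(resp.headers, "Content-Type").lower()
    return keyword_hit and status_ok and json_type


def sensitive_keys(resp: Response) -> list:
    """Triage aid: which sensitive top-level keys really appear in the JSON.

    A body that merely contains the word "Logging" inside a string is a weaker
    finding than a real ConnectionStrings section, so parse rather than grep.
    """
    try:
        data = json.loads(resp.body)
    except ValueError:
        return []
    if not isinstance(data, dict):
        return []
    return [k for k in KEYWORDS if k in data]


def fetch(base_url: str, timeout: float = 5.0) -> Optional[Response]:
    """Assumed helper: fetch /appsettings.json from a host you operate."""
    req = Request(base_url.rstrip("/") + PATH,
                  headers={"User-Agent": "appsettings-selfcheck"})
    try:
        with urlopen(req, timeout=timeout) as r:
            return Response(r.status, dict(r.headers.items()),
                            r.read().decode("utf-8", "replace"))
    except HTTPError as e:
        return Response(e.code, dict(e.headers.items()), "")
    except URLError:
        return None


# --- constructed sample responses (not captured from any real host) ---
EXPOSED = Response(
    200,
    {"Content-Type": "application/json; charset=utf-8"},
    json.dumps({
        "ConnectionStrings": {"Default": "Server=db;User Id=app;Password=PLACEHOLDER;"},
        "Logging": {"LogLevel": {"Default": "Information"}},
        "AllowedHosts": "*",
    }),
)
# SPA fallback: 200 and the word "Logging" in page text, but HTML. Must not match.
SPA_FALLBACK = Response(200, {"Content-Type": "text/html"}, "<h1>Logging in...</h1>")
# Correct deployment: the file is not served at all.
NOT_FOUND = Response(404, {"Content-Type": "text/plain"}, "Not Found")
# Public JSON config with none of the sensitive keys: JSON and 200, no keyword hit.
PUBLIC_CONFIG = Response(200, {"content-type": "application/json"}, '{"apiBase": "/api"}')

if __name__ == "__main__":
    for name, r in [("exposed", EXPOSED), ("spa_fallback", SPA_FALLBACK),
                    ("not_found", NOT_FOUND), ("public_config", PUBLIC_CONFIG)]:
        print(f"{name:14} match={is_exposed(r)!s:5} keys={sensitive_keys(r)}")
```

`is_exposed` reproduces the module's verdict; `sensitive_keys` is the extra step a triager wants, since a ConnectionStrings section found in a served file is what turns this from an information leak into a credential exposure.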

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /appsettings.json
Matching conditions
word: Logging, AllowedHosts, ConnectionStrings and
status: 200 and
word: application/json
Passive global matcher
No matching conditions.
On match action
Report vulnerability