By kannthu
The "Generic Env File Disclosure" module is designed to detect misconfigurations in the environment files of a web application. It targets applications that use environment files to store sensitive information such as database credentials and tokens. This module helps identify instances where these environment files are publicly accessible, which can pose a security risk.
This module has a severity level of high, indicating that the vulnerability it detects can have significant consequences if not addressed.
Author: kazet
If a .env file containing sensitive information is publicly accessible, it can be exploited by attackers to gain unauthorized access to the application's resources. This can lead to data breaches, unauthorized modifications, and other security incidents.
The "Generic Env File Disclosure" module works by sending HTTP requests to specific paths commonly used for storing environment files. It checks the response body of these requests for patterns that indicate the presence of sensitive information, such as database credentials and tokens.
For example, one of the paths checked is "/.env", which is a common default location for environment files. The module uses regular expressions to match patterns like "KEY", "TOKEN", "PASS", "SECRET", "DB_URL", "DATABASE_URL", and "MAILER_URL" followed by an equal sign. If a match is found, the module reports a vulnerability.
Here is an example of an HTTP request sent by the module:
GET /.env HTTP/1.1
Host: example.com
The module's matching conditions include checking the response body for the specified patterns. It uses the "and" condition, meaning all the patterns must be present for a match to occur.
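The body check described above can be reproduced offline against a response saved from your own site. The following Python sketch is an added example, not the module's code: the regex, the function name `sensitive_env_keys`, the any-keyword reporting rule and both sample bodies are assumptions constructed for illustration; only the keyword list comes from the description above. It reports variable names only, so secret values never end up in a finding, and it skips HTML error pages that merely echo the requested path.

```python
import re

# Keyword list from the module description; the parsing below is an assumption.
KEYWORDS = ("KEY", "TOKEN", "PASS", "SECRET", "DB_URL", "DATABASE_URL", "MAILER_URL")

# NAME=value at the start of a line, optionally prefixed with "export".
ASSIGNMENT = re.compile(r"^\s*(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$")
HTML_MARKER = re.compile(r"<\s*(?:html|!doctype)", re.IGNORECASE)


def sensitive_env_keys(body: str) -> list[str]:
    """Return names of env-style variables whose name contains a sensitive keyword.

    Values are never returned, so the result is safe to put in a report.
    """
    if HTML_MARKER.search(body):
        return []  # HTML page (custom 404, login redirect), not a raw env file
    found = []
    for line in body.splitlines():
        if line.lstrip().startswith("#"):
            continue  # commented-out assignment
        match = ASSIGNMENT.match(line)
        if not match:
            continue
        name = match.group(1)
        value = match.group(2).strip().strip("'\"")
        if value and any(keyword in name.upper() for keyword in KEYWORDS):
            found.append(name)
    return found


# Constructed sample bodies (no real credentials).
SAMPLE_ENV = """\
# constructed sample, not real credentials
APP_NAME=demo
APP_KEY=base64:EXAMPLEONLY
DB_PASSWORD="example-password"
DATABASE_URL=postgres://user:example@db.internal/app
API_TOKEN=
"""
SAMPLE_SOFT_404 = "<!DOCTYPE html><html><body>Not found: /.env?KEY=1</body></html>"

if __name__ == "__main__":
    print("env body:", sensitive_env_keys(SAMPLE_ENV))
    print("soft 404:", sensitive_env_keys(SAMPLE_SOFT_404))
```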
It is important to note that the module does not provide any remediation actions. Its purpose is to identify the presence of a vulnerability so that appropriate measures can be taken to secure the environment files.