
Gitignore Config - Detect

By kannthu

Informative
Vidoc Module

#exposure #tenable #config #git
Description

What is the "Gitignore Config - Detect" module?

The "Gitignore Config - Detect" module is designed to detect misconfigurations in Gitignore files. Gitignore files are used to specify which files and directories should be ignored by Git, a version control system. This module targets Gitignore files in various locations, such as the root directory, the assets directory, and the includes directory.

This module has an informative severity level, which means it provides useful information but does not by itself indicate a vulnerability or a software detection.

This module was authored by TheZakMan and geeknik.

Impact

The detection of Gitignore configuration information can provide insights into how files and directories are being ignored by Git. This information can be useful for understanding the version control practices and potential exposure of sensitive files.

How does the module work?

The "Gitignore Config - Detect" module works by sending HTTP requests to specific paths where Gitignore files are commonly located. It then applies matching conditions to determine if a Gitignore file is present and if it contains certain characteristics.

For example, one of the matching conditions checks if the response body length is greater than 50 characters and if the HTTP status code is 200 (OK). Additionally, the module checks if the response does not contain certain words or patterns, such as "application/javascript", "application/x-javascript", "application/json", "application/xml", "html", "

By analyzing the HTTP responses and applying these matching conditions, the module can identify Gitignore files that may have misconfigurations or unusual characteristics.

Here is an example of an HTTP request sent by the module:

GET /.gitignore

The module then evaluates the response based on the defined matching conditions to determine if a misconfiguration is present.
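The matching logic described above, reimplemented as an added Python example (not Vidoc's own code) so a site owner can check whether their own host serves .gitignore files at the paths the module requests. The fetch function and sample responses are constructed, and the excluded-word list uses only the words visible on this page.

```python
"""Re-implementation of the module's matching conditions for self-assessment.

Added example, not Vidoc's code. It reproduces the conditions shown on the page:
len(body) > 50, status_code == 200, and none of the listed words in the body.
"""
from typing import Callable, Dict, List, Tuple

# Paths the module requests (taken from the module preview).
GITIGNORE_PATHS = ["/.gitignore", "/assets/.gitignore", "/includes/.gitignore"]

# Words whose presence rules out a match. The page's list is truncated after
# "html"; only the words visible on the page are used here.
EXCLUDED_WORDS = [
    "application/javascript",
    "application/x-javascript",
    "application/json",
    "application/xml",
    "html",
]


def is_gitignore_match(status_code: int, body: str) -> bool:
    """Apply the module's DSL conditions and negative word matcher to one response."""
    if not (len(body) > 50 and status_code == 200):
        return False
    # "NOT word": any excluded word anywhere in the body rejects the response.
    return not any(word in body for word in EXCLUDED_WORDS)


def find_exposed_gitignores(fetch: Callable[[str], Tuple[int, str]]) -> List[str]:
    """Return the paths whose responses satisfy the matcher.

    `fetch` is injected (hypothetical helper) so the check runs offline here;
    against a real host it would wrap an HTTP client returning (status, body).
    """
    return [path for path in GITIGNORE_PATHS if is_gitignore_match(*fetch(path))]


# Constructed sample responses standing in for a target host.
SAMPLE_RESPONSES: Dict[str, Tuple[int, str]] = {
    # A real .gitignore served verbatim: long enough, 200, no excluded words.
    "/.gitignore": (200, "node_modules/\n.env\n*.log\ndist/\n.DS_Store\ncoverage/\n__pycache__/\n"),
    # A "soft 404": the server answers 200 with an HTML page, which the
    # "html" word rule filters out.
    "/assets/.gitignore": (200, "<!DOCTYPE html><html><body><h1>Not found</h1></body></html>"),
    # A genuine 404 with a short body fails both DSL conditions.
    "/includes/.gitignore": (404, "Not Found"),
}


def fake_fetch(path: str) -> Tuple[int, str]:
    """Offline stand-in for an HTTP client (constructed data)."""
    return SAMPLE_RESPONSES[path]


if __name__ == "__main__":
    print(find_exposed_gitignores(fake_fetch))  # ['/.gitignore']
```

Only the first path matches: the soft-404 is rejected by the "html" word rule, and the real 404 fails both DSL conditions.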

It is important to note that this module does not make any changes to the target system or perform any actions beyond detecting Gitignore configuration information.

For more information, you can refer to the following references:

- Twitter post about Gitignore configuration detection
- Tenable plugin for Gitignore configuration detection

Module preview

Concurrent Requests (1)

1. HTTP Request template

GET /.gitignore
GET /assets/.gitignore
GET /includes/.gitignore

Matching conditions

dsl: len(body) > 50, status_code == 200
and
NOT word: application/javascript, application/x-ja...

Passive global matcher

No matching conditions.

On match action

Report vulnerability