Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "GoCd Encryption Key" module is a test case designed to detect misconfigurations in the GoCD software. It focuses on identifying potential exposure of the encryption key used by GoCD, which can lead to security vulnerabilities. This module has a low severity level.
Author: dhiyaneshDk
If the GoCD encryption key is exposed, it can be exploited by attackers to gain unauthorized access to sensitive data and compromise the integrity of the GoCD system. This can result in data breaches, unauthorized modifications, and potential disruption of the software's functionality.
The "GoCd Encryption Key" module performs HTTP requests to identify the presence of the encryption key and validate its configuration. It uses the following matching conditions:
- Status: The HTTP response status code should be 200. - Regex: The response body should match the regular expression pattern([a-z0-9]){32}
, indicating a 32-character alphanumeric string.
- Header: The response should have the header Content-Type: text/plain
.
By evaluating these conditions, the module determines if the GoCD encryption key is exposed and reports any vulnerabilities found.
Reference: - https://attackerkb.com/assessments/9101a539-4c6e-4638-a2ec-12080b7e3b50 - https://blog.sonarsource.com/gocd-pre-auth-pipeline-takeover - https://twitter.com/wvuuuuuuuuuuuuu/status/1456316586831323140 Metadata:shodan-query: http.title:"Create a pip