By kannthu
The "Laravel log file publicly accessible" module detects a misconfiguration in which a Laravel application's log file, storage/logs/laravel.log, can be fetched over HTTP. Laravel writes this file under the project root, outside the intended web root (public/), so it is normally only reachable when the web server's document root points at the project root or the storage/ directory is otherwise exposed. The log may contain sensitive information such as tokens, stack traces with file paths, error messages and syntax errors. The module is rated high severity because a readable log is a direct leak of application internals.
If the log file is publicly accessible, anyone who can reach the site can read it. Attackers use its contents to gain further access to the application (leaked credentials or session and API tokens), to identify vulnerable code paths from stack traces and error messages, or to prepare targeted attacks.
The "Laravel log file publicly accessible" module works by sending an HTTP GET request to the path "/storage/logs/laravel.log" of the target application. It then applies a set of matching conditions to determine if the log file is publicly accessible.
The matching conditions include:
- Body: the response body contains at least one of the words "InvalidArgumentException", "local.ERROR", "ErrorException" or "syntax error". These strings routinely appear in Laravel log entries and stack traces, so their presence indicates that the response really is a log file rather than a generic page.
- Headers: the Content-Type header contains "text/plain" or "text/x-log", the content types a web server typically assigns to a served .log file.
- Status: the HTTP response status code is 200.
The three groups are combined with AND: the body, header and status conditions must all hold, while within the body and header groups any one of the listed values is sufficient. Only when all three hold does the module report the log file as publicly accessible. Note that Laravel prefixes each entry with the APP_ENV name, so "local.ERROR" only appears in logs from a local environment; a production log ("production.ERROR") is still caught when it contains one of the exception class names or "syntax error".
For example, the module may send the following HTTP request:
GET /storage/logs/laravel.log
It then checks the response against the three matcher groups above. The fix is to serve the application from the public/ directory, or to deny direct access to storage/ in the web server configuration, so that the log file is never reachable over HTTP.
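As an added example, not Vidoc's own module code, the following Python script reproduces the module's logic: it issues the GET request to /storage/logs/laravel.log and applies the three matcher groups with the AND-across-groups, OR-within-group semantics described above. The Response dataclass, the function names, the case-sensitive substring comparison and the download cap are this example's own choices; the sample responses and log lines are constructed for illustration and were not captured from any real host.

```python
"""Added example: re-implementation of the 'Laravel log file publicly accessible'
check. Not Vidoc's module code; Response, matches, fetch and check are names
chosen for this example."""
import urllib.error
import urllib.request
from dataclasses import dataclass

LOG_PATH = "/storage/logs/laravel.log"

# Body matcher: any one of these words is sufficient. Case-sensitive substring
# matching is an assumption about how the module compares words.
BODY_WORDS = ("InvalidArgumentException", "local.ERROR", "ErrorException", "syntax error")
# Header matcher: either content type is sufficient.
CONTENT_TYPES = ("text/plain", "text/x-log")
# Cap on how much of a possibly huge log we download (this example's choice).
MAX_BODY = 1024 * 1024


@dataclass
class Response:
    status: int
    headers: dict  # header name -> value
    body: str


def header(resp: Response, name: str) -> str:
    """Case-insensitive header lookup; '' when the header is absent."""
    for k, v in resp.headers.items():
        if k.lower() == name.lower():
            return v
    return ""


def matches(resp: Response) -> bool:
    """The three matcher groups are ANDed; values inside a group are ORed."""
    status_ok = resp.status == 200
    ctype_ok = any(ct in header(resp, "Content-Type") for ct in CONTENT_TYPES)
    body_ok = any(word in resp.body for word in BODY_WORDS)
    return status_ok and ctype_ok and body_ok


def fetch(base_url: str, timeout: float = 10.0) -> Response:
    """GET base_url + LOG_PATH and normalise the result into a Response."""
    req = urllib.request.Request(base_url.rstrip("/") + LOG_PATH,
                                 headers={"User-Agent": "laravel-log-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as r:
            body = r.read(MAX_BODY).decode("utf-8", errors="replace")
            return Response(r.status, dict(r.getheaders()), body)
    except urllib.error.HTTPError as e:
        # 4xx/5xx responses still carry headers and a body; keep them so the
        # status matcher, not an exception, decides the outcome.
        body = e.read(MAX_BODY).decode("utf-8", errors="replace")
        return Response(e.code, dict(e.headers.items()), body)


def check(base_url: str) -> bool:
    """True when the target serves a readable laravel.log at LOG_PATH."""
    return matches(fetch(base_url))


# Constructed sample responses (made up for this example, not captured traffic).
EXPOSED = Response(
    200, {"Content-Type": "text/plain; charset=UTF-8"},
    "[2024-01-01 00:00:00] local.ERROR: Undefined variable $user "
    '{"exception":"[object] (ErrorException(code: 0): Undefined variable $user '
    'at /var/www/app/routes/web.php:12)"}\n',
)
# Production logs carry the APP_ENV prefix, so "local.ERROR" is absent;
# "syntax error" still satisfies the body matcher. Lower-case header name
# exercises the case-insensitive lookup.
EXPOSED_PROD = Response(
    200, {"content-type": "text/x-log"},
    '[2024-01-01 00:00:00] production.ERROR: syntax error, unexpected token "}"\n',
)
# SPA catch-all route: 200, but HTML, so the header matcher fails.
CATCH_ALL = Response(200, {"Content-Type": "text/html"}, "<!doctype html><title>App</title>")
# Plain-text 200 without any log vocabulary: body matcher fails.
PLAIN_200 = Response(200, {"Content-Type": "text/plain"}, "OK\n")
# Hardened result: storage/ is denied by the web server.
DENIED = Response(403, {"Content-Type": "text/plain"}, "Forbidden\n")

if __name__ == "__main__":
    import sys
    samples = (("EXPOSED", EXPOSED), ("EXPOSED_PROD", EXPOSED_PROD),
               ("CATCH_ALL", CATCH_ALL), ("PLAIN_200", PLAIN_200), ("DENIED", DENIED))
    for name, resp in samples:
        print(f"{name}: {matches(resp)}")
    # Optional live check: python3 laravel_log_check.py https://target.example
    for target in sys.argv[1:]:
        print(f"{target}: {check(target)}")
```

Running the script without arguments evaluates the constructed samples; passing a base URL performs the real request. Only EXPOSED and EXPOSED_PROD match, which shows why the module requires all three groups: a framework catch-all route or a bland text/plain page returns 200 but is not a log, and a correctly hardened server fails on the status alone.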