Magento - Config Disclosure

By kannthu

High
Vidoc Module
#magento #exposure #credential #config
Description

What is "Magento - Config Disclosure"?

The "Magento - Config Disclosure" module is designed to detect misconfigured instances of Magento, a popular e-commerce platform. It targets instances that may inadvertently expose sensitive information such as usernames, passwords, and database configurations. This module has a high severity level, indicating the potential for significant security risks.

Original authors of this module include ptonewreckin, danigoland, and geeknik.

Impact

If a Magento instance is misconfigured in the way this module detects, critical information can be exposed. Attackers could gain access to usernames, passwords, and database configurations, which can be exploited for unauthorized access, data breaches, or other malicious activities.

How does the module work?

The "Magento - Config Disclosure" module works by sending HTTP requests to specific paths within the Magento installation. It then inspects the response body, the response headers, and the HTTP status code for signs that a configuration file was served. The module looks for the following conditions:

- The response body contains the keywords "Magento" and "<dbname>".
- The response header includes the word "application/xml".
- The HTTP status code is 200 (OK).

If all of these conditions are met, the module flags the Magento instance as potentially misconfigured and vulnerable to information disclosure.

Here is an example of an HTTP request that the module may send:

GET /app/etc/local.xml HTTP/1.1
Host: example.com

It is important to note that this is just one test case among many that the Vidoc platform performs to identify vulnerabilities and misconfigurations.
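
The three matching conditions described above, evaluated offline against constructed raw responses (an added example, not Vidoc's or the module authors' code). The helper names, the sample responses, and the case-insensitive header comparison are assumptions.

```python
# Added example: offline evaluation of the module's three matching conditions.
# All sample responses below are constructed for illustration.

BODY_WORDS = ("Magento", "<dbname>")   # both must appear in the body
HEADER_WORD = "application/xml"        # must appear in the response headers
EXPECTED_STATUS = 200


def parse_response(raw: str):
    """Split a raw HTTP/1.x response into (status, header_block, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    status_line, _, header_block = head.partition("\r\n")
    parts = status_line.split(" ", 2)
    if len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError(f"malformed status line: {status_line!r}")
    return int(parts[1]), header_block, body


def is_config_disclosed(raw: str) -> bool:
    """True only when all three conditions hold (they are ANDed)."""
    status, header_block, body = parse_response(raw)
    return (
        status == EXPECTED_STATUS
        and HEADER_WORD in header_block.lower()   # assumption: case-insensitive
        and all(word in body for word in BODY_WORDS)
    )


def http(status, ctype, body):
    """Build a constructed raw response for the samples below."""
    return f"HTTP/1.1 {status}\r\nContent-Type: {ctype}\r\n\r\n{body}"


LOCAL_XML = (  # constructed body shaped like an exposed config file
    "<?xml version=\"1.0\"?>\n<!-- Magento -->\n<config><connection>"
    "<username>PLACEHOLDER</username><dbname>PLACEHOLDER</dbname>"
    "</connection></config>"
)

SAMPLES = {
    "exposed": http("200 OK", "application/xml", LOCAL_XML),
    "denied": http("403 Forbidden", "text/html", "<h1>Forbidden</h1>"),
    "soft_404": http("200 OK", "text/html", "<title>Magento store</title>"),
    "other_xml": http("200 OK", "application/xml", "<sitemap>Magento</sitemap>"),
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(f"{name:10} disclosed={is_config_disclosed(raw)}")
```

Only the first sample matches: a 403, an HTML page that merely mentions Magento, and an unrelated XML document each fail one of the conditions, which is why the module requires all three together.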

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET
/app/etc/local.xml
/app/etc/local.xml.a...
/store/app/etc/local...
Matching conditions
word: Magento, <dbname>
and
word: application/xml
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability