Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Pantheon upstream.yml Disclosure

By kannthu

Low
Vidoc logoVidoc Module
#exposure#devops#patheon#config#files
Description

What is the "Pantheon upstream.yml Disclosure?"

The "Pantheon upstream.yml Disclosure" module is designed to detect misconfigurations in the Pantheon YAML configuration files. Pantheon is a web development platform that provides hosting and management services for Drupal and WordPress websites. This module focuses on the "pantheon.upstream.yml" file, which contains important configuration settings for a Pantheon site.

This module has a low severity level, indicating that the detected misconfigurations may not pose a significant risk but should still be addressed to ensure the security and proper functioning of the Pantheon site.

This module was authored by DhiyaneshDK.

Impact

If misconfigurations are found in the Pantheon YAML configuration files, sensitive information may be exposed. This can include database credentials and protected web paths, which could potentially be exploited by malicious actors to gain unauthorized access to the site or its resources.

How does the module work?

The "Pantheon upstream.yml Disclosure" module works by sending an HTTP GET request to the "/pantheon.upstream.yml" path of the target website. It then applies matching conditions to determine if misconfigurations are present.

Matching conditions:

- The response body must contain the words "database:" and "protected_web_paths:". - The HTTP status code must be 200 (OK).

If both conditions are met, the module reports a vulnerability, indicating that misconfigurations in the Pantheon YAML configuration files have been detected.

For more information, you can refer to the Pantheon YAML documentation.

Metadata:

verified: true

google-query: intitle:"index of" "pantheon.upstream.yml"

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/pantheon.upstream.y...
Matching conditions
word: database:, protected_web_paths:and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability