Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Pipeline Configuration Exposure

By kannthu

Informative
Vidoc logoVidoc Module
#devops#exposure#cicd#files
Description

Pipeline Configuration Exposure

What is the "Pipeline Configuration Exposure?"

The "Pipeline Configuration Exposure" module is designed to detect misconfigurations in pipeline configurations. It targets DevOps environments and focuses on exposing sensitive information related to Continuous Integration/Continuous Deployment (CI/CD) pipelines. This module has an informative severity level and was authored by DhiyaneshDK.

Impact

If a misconfiguration is detected, it could potentially expose sensitive information such as system details and project names. This information leakage could be exploited by malicious actors to gain unauthorized access or perform targeted attacks on the CI/CD pipeline.

How the module works?

The "Pipeline Configuration Exposure" module works by sending HTTP requests to specific endpoints, such as "/pipeline.yaml". It then applies matching conditions to determine if a misconfiguration is present. The matching conditions include checking for specific words like "system:" and "project_name:" in the response body, as well as verifying that the HTTP status code is 200.

Here is an example of an HTTP request sent by the module:

GET /pipeline.yaml

The module matches the response against the following conditions:

- Check if the response contains both "system:" and "project_name:" - Verify that the HTTP status code is 200

If all the matching conditions are met, the module reports a potential misconfiguration.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/pipeline.yaml
Matching conditions
word: system:, project_name:and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability