Private key exposure via helper detector

What is the "Private key exposure via helper detector?"

The "Private key exposure via helper detector" module is designed to detect potential exposure of private keys by querying the helper endpoint on the node_modules of a software. This module targets the software that utilizes the Node.js platform. It is classified as a high severity module, indicating the potential risk it poses to the security of the software.

Author: aashiq

Impact

If a private key is exposed, it can be accessed by unauthorized individuals, potentially leading to unauthorized access, data breaches, and other security incidents. It is crucial to protect private keys to maintain the confidentiality and integrity of sensitive information.

How does the module work?

The "Private key exposure via helper detector" module works by sending an HTTP request to the helper endpoint located in the node_modules directory of the targeted software. It then applies matching conditions to determine if the response indicates the presence of private key exposure.

Example HTTP request:

GET /node_modules/mqtt/test/helpers/

The module uses the following matching conditions:

- Status: The response status code should be 200. - Content: The response body should contain the phrases "Index of /node_modules/mqtt/test/helpers" and "Parent Directory".

If all the matching conditions are met, the module reports a potential private key exposure vulnerability.

Metadata:

max-request: 1