Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Public .idea Folder containing files with sensitive data

By kannthu

Informative
Vidoc logoVidoc Module
#phpstorm#jetbrains#idea#exposure#files
Description

What is the "Public .idea Folder containing files with sensitive data?" module?

The "Public .idea Folder containing files with sensitive data" module is designed to detect the presence of a specific folder called ".idea" in a web application. This folder is commonly used by JetBrains IDEs, such as PhpStorm, to store project-specific configuration files. The module focuses on identifying the exposure of this folder, which may contain sensitive data that should not be publicly accessible.

This module is categorized as informative, meaning it provides information about potential misconfigurations or vulnerabilities without actively exploiting them.

Author: martincodes-de

Impact

If the ".idea" folder is publicly accessible, it can expose sensitive information about the project, including configuration settings, deployment details, and workspace preferences. This can potentially lead to unauthorized access, information leakage, or even compromise of the entire application.

How does the module work?

The module works by sending HTTP requests to specific paths, such as "/.idea/deployment.xml" and "/.idea/workspace.xml", which are commonly used by JetBrains IDEs to store project-related information. It then applies matching conditions to determine if the response indicates the presence of the ".idea" folder and its sensitive files.

For example, the module checks if the response status is 200 (indicating a successful request) and if the response body contains specific XML tags that are typically found in JetBrains IDE configuration files.

Example HTTP request:
GET /.idea/deployment.xml

Matching conditions:
- Response status: 200
- Response body contains "

If the module finds a match, it reports the vulnerability, indicating that the ".idea" folder and its sensitive files are publicly accessible.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/.idea/deployment.xm.../.idea/workspace.xml
Matching conditions
status: 200and
word: <?xml version=, <project version
Passive global matcher
No matching conditions.
On match action
Report vulnerability