Salesforce Credentials Disclosure

By kannthu

Informative
Vidoc Module
#exposure #files #salesforce
Description

What is the "Salesforce Credentials Disclosure?"

The "Salesforce Credentials Disclosure" module is designed to detect potential vulnerabilities related to the exposure of Salesforce credentials. Salesforce is a popular customer relationship management (CRM) platform used by businesses to manage their sales, marketing, and customer service activities. This module focuses on identifying misconfigurations or vulnerabilities that could lead to the disclosure of sensitive Salesforce credentials.

This module has an informative severity level, which means it provides valuable insights and information but does not directly indicate a critical security issue.

This module was authored by geeknik.

Impact

A finding from the "Salesforce Credentials Disclosure" module indicates that sensitive Salesforce credentials may be exposed. Exposed credentials could allow unauthorized access to Salesforce accounts, compromising the confidentiality and integrity of the data stored within the platform. It is crucial to address any identified exposure promptly to prevent potential data breaches or unauthorized activities.

How does the module work?

The "Salesforce Credentials Disclosure" module operates by sending HTTP requests to specific endpoints associated with Salesforce. It then applies a set of matching conditions to determine if any vulnerabilities related to credential exposure exist.

For example, the module may send a GET request to endpoints like "/js/salesforce.js" or "/salesforce.js" and check for the presence of specific keywords such as "jsforce.Connection," "conn.login," and "conn.query." It also verifies that the response headers contain the word "text/plain" and that the HTTP status code is 200 (OK).

If all the matching conditions are met, the module will report a potential vulnerability related to Salesforce credentials disclosure.
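To make the matching logic concrete, here is an added re-implementation of the three conditions described above, run offline against constructed sample responses. It is not Vidoc's own code; the `Response` class and the sample `salesforce.js` body (with placeholder credential values) are assumptions for the example.

```python
# Added example: re-implementation of the matching conditions described above
# (not Vidoc's own code). Runs offline on constructed sample responses.
from dataclasses import dataclass, field

REQUEST_PATHS = ("/js/salesforce.js", "/salesforce.js")
CREDENTIAL_WORDS = ("jsforce.Connection", "conn.login", "conn.query")
HEADER_WORD = "text/plain"
EXPECTED_STATUS = 200


@dataclass
class Response:
    """Minimal stand-in for an HTTP response (assumed shape, not a Vidoc type)."""
    status: int
    headers: dict = field(default_factory=dict)
    body: str = ""


def matches(resp: Response) -> bool:
    """All three conditions are ANDed, exactly as the module preview lists them."""
    body_hit = all(word in resp.body for word in CREDENTIAL_WORDS)
    # The module checks the raw header block, so search every header line.
    header_text = "\n".join(f"{k}: {v}" for k, v in resp.headers.items())
    header_hit = HEADER_WORD in header_text
    return body_hit and header_hit and resp.status == EXPECTED_STATUS


def scan(responses: dict) -> list:
    """Return the paths whose responses match; input maps path -> Response."""
    return [p for p in REQUEST_PATHS if p in responses and matches(responses[p])]


# Constructed sample: a file that hard-codes a jsforce login (placeholder values).
EXPOSED_JS = """
var conn = new jsforce.Connection({ loginUrl: 'https://login.salesforce.com' });
conn.login('svc-user@example.invalid', 'PLACEHOLDER_PASSWORD', function(err) {
  conn.query("SELECT Id FROM Account", function(err, res) {});
});
"""

SAMPLES = {
    "/js/salesforce.js": Response(200, {"Content-Type": "text/plain"}, EXPOSED_JS),
    # Same content served as JavaScript: the text/plain condition fails.
    "/salesforce.js": Response(200, {"Content-Type": "application/javascript"}, EXPOSED_JS),
}

if __name__ == "__main__":
    print(scan(SAMPLES))  # ['/js/salesforce.js']
```

Because the conditions are ANDed, the second sample shows the limitation of the matcher as described: the same exposed file served with a `Content-Type` of `application/javascript` is not flagged, so a clean result from this module does not by itself prove no credentials are exposed.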

It is important to note that this description provides an overview of the module's functionality and does not include the actual JSON definitions used by the Vidoc platform.

For more information, you can refer to the reference provided by the original author.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /js/salesforce.js
GET /salesforce.js
Matching conditions
word: jsforce.Connection, conn.login, conn.query
and
word: text/plain
and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability