Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Sensitive Configuration Files Listing

By kannthu

Medium
Vidoc logoVidoc Module
#config#listing#exposure
Description

What is the "Sensitive Configuration Files Listing" module?

The "Sensitive Configuration Files Listing" module is designed to detect misconfigurations in a software system that may lead to the exposure of sensitive configuration files. It targets systems that have a directory listing vulnerability, which allows unauthorized access to sensitive files.

This module has a medium severity level, indicating that the misconfiguration can potentially lead to security risks if not addressed.

This module was authored by j33n1k4.

Impact

If the "Sensitive Configuration Files Listing" module detects a misconfiguration, it means that an attacker can easily access and view sensitive configuration files. This can lead to the exposure of sensitive information, such as database credentials, API keys, or other sensitive data stored in configuration files. The impact of this vulnerability depends on the specific files exposed and the sensitivity of the information contained within them.

How does the module work?

The "Sensitive Configuration Files Listing" module works by sending an HTTP GET request to the "/config/" path of the target system. It then applies matching conditions to determine if the response indicates a directory listing vulnerability.

The matching conditions used by this module are:

- The response body contains the phrases "Index of /configs" and "Parent Directory". - The response status code is 200 (OK).

If both matching conditions are met, the module reports a vulnerability, indicating that the target system has a directory listing vulnerability that exposes sensitive configuration files.

Here is an example of an HTTP request sent by the module:

GET /config/ HTTP/1.1
Host: example.com

It is important to note that the module does not perform any modifications or exploit the vulnerability itself. It solely focuses on detecting the presence of the vulnerability and reporting it for further investigation and remediation.

For more information, you can refer to the reference related to this module.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/config/
Matching conditions
word: Index of /configs, Parent Directoryand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability