Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

settings.php information disclosure

By kannthu

Medium
Vidoc logoVidoc Module
#exposure#backup
Description

What is the "settings.php information disclosure?"

The "settings.php information disclosure" module is designed to detect a potential vulnerability in the settings.php file of a website. This module targets websites that use a settings.php file to store sensitive information, such as database credentials. The severity of this vulnerability is classified as medium.

This module was authored by sheikhrishad.

Impact

If the settings.php file is exposed, it can potentially lead to unauthorized access to sensitive information, such as database credentials. This can result in data breaches, unauthorized modifications, or even complete compromise of the website.

How does the module work?

The "settings.php information disclosure" module works by sending HTTP requests to specific paths where the settings.php file might be stored. It then applies matching conditions to determine if the file contains sensitive information, such as database names or credentials.

For example, the module might send a GET request to paths like "/settings.php.bak" or "/settings.php.dist". It checks if the response status is 200 (OK) and if the response body contains specific keywords related to database information.

The matching conditions used in this module are:

- Check if the response body contains the words "DB_NAME" or "DB". - Check if the response status is 200 (OK).

If both conditions are met, the module reports a potential vulnerability.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/settings.php.bak/settings.php.dist/settings.php.old(+3 paths)
Matching conditions
word: DB_NAME, DBand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability