SFTP Config File Disclosure

By kannthu

High
Vidoc Module
#sftp #config #exposure
Description

SFTP Config File Disclosure - Find Misconfigured SFTP Configurations

What is the SFTP Config File Disclosure module?

The SFTP Config File Disclosure module is a security module designed to detect misconfigurations in SFTP (Secure File Transfer Protocol) configurations. It focuses on identifying instances where sensitive information, such as host, user, password, and remote path, is exposed in the SFTP configuration file.

This module is created by an unknown author and has a severity level of high.

Impact

A misconfigured SFTP configuration file can lead to unauthorized access to sensitive data and potential security breaches. Exposing critical information like host, user, password, and remote path can provide attackers with the necessary credentials to gain unauthorized access to the SFTP server and potentially compromise the entire system.

How does the module work?

The SFTP Config File Disclosure module works by sending an HTTP GET request to the "/sftp-config.json" path. It then applies two matching conditions to determine if a misconfiguration is present:

    - The module checks if the response body contains the words "host", "user", "password", and "remote_path" using a word matcher.
    - The module verifies if the response status code is 200, indicating a successful request.

If both conditions are met, the module reports a vulnerability, indicating that the SFTP configuration file is exposed and potentially misconfigured.
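The two conditions above can be replayed offline against saved responses when triaging a finding. The following is an added example, not Vidoc's own code: the function names, the sample responses and the value-redacting triage helper are assumptions made for illustration, and the word list is the one given in the description.

```python
import re

# Words listed in the module description; all must be present (AND condition).
REQUIRED_WORDS = ("host", "user", "password", "remote_path")

def matches_module(status: int, body: str) -> bool:
    """Both conditions from the description: status 200 and every word in the body."""
    return status == 200 and all(word in body for word in REQUIRED_WORDS)

def exposed_keys(body: str) -> dict:
    """Triage helper (assumption, not part of the module): list which keys carry
    a non-empty quoted value, with the value itself redacted for the report."""
    found = {}
    for key in REQUIRED_WORDS:
        m = re.search(r'"%s"\s*:\s*"([^"]*)"' % re.escape(key), body)
        if m and m.group(1):
            found[key] = "<redacted, %d chars>" % len(m.group(1))
    return found

# Constructed sample responses (status, body); not captured from any real host.
SAMPLES = {
    "exposed": (200, '{\n  "type": "sftp",\n  "host": "files.example.test",\n'
                     '  "user": "deploy",\n  "password": "not-a-real-secret",\n'
                     '  "remote_path": "/var/www/site/"\n}'),
    "soft_404": (200, "<html><body>Page not found</body></html>"),
    "blocked": (403, '{"host": "x", "user": "y", "password": "z", "remote_path": "/"}'),
    # Plain text that merely mentions the words: matches, but has no key/value pairs.
    "docs_page": (200, "Set host, user, password and remote_path in your client."),
}

def triage(samples=SAMPLES) -> dict:
    """Return {name: (module_match, redacted_keys)} for each saved response."""
    result = {}
    for name, (status, body) in samples.items():
        hit = matches_module(status, body)
        result[name] = (hit, exposed_keys(body) if hit else {})
    return result

if __name__ == "__main__":
    for name, (hit, keys) in triage().items():
        print(f"{name:10} match={hit} keys={keys}")
```

A match with an empty key list, as in the constructed `docs_page` sample, is a likely false positive; a match that lists a password key means the credential should be treated as compromised and rotated once the file is removed from the web root.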

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /sftp-config.json
Matching conditions
word: "host":, "user":, "password":, "remote_p... and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability