Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

UpdraftPlus Plugin Pem Key

By kannthu

Informative
Vidoc logoVidoc Module
#wp-plugin#edb#wordpress
Description

What is the "UpdraftPlus Plugin Pem Key?"

The "UpdraftPlus Plugin Pem Key" module is designed to detect a specific misconfiguration in the UpdraftPlus WordPress plugin. UpdraftPlus is a popular plugin used for backing up and restoring WordPress websites. This module focuses on identifying the presence of .pem files in the /wp-content/plugins/updraftplus/includes/ directory. The severity of this misconfiguration is classified as informative.

Impact

If the "UpdraftPlus Plugin Pem Key" module detects the presence of .pem files, it indicates a potential security risk. .pem files often contain sensitive information such as private keys, certificates, or other cryptographic material. If these files are accessible to unauthorized users, it could lead to unauthorized access or compromise of the website's security.

How the module works?

The "UpdraftPlus Plugin Pem Key" module works by sending an HTTP GET request to the /wp-content/plugins/updraftplus/includes/ directory of the target WordPress website. It then checks the response body for the presence of specific keywords, including "Index of /", ".pem", and "updraftplus". Additionally, it verifies that the HTTP response status is 200 (OK). If all the matching conditions are met, the module reports a potential misconfiguration.

Example HTTP request:

GET /wp-content/plugins/updraftplus/includes/ HTTP/1.1
Host: example.com

The matching conditions for this module are:

- The response body must contain the keywords "Index of /", ".pem", and "updraftplus". - The HTTP response status must be 200 (OK).

If both conditions are satisfied, the module will report a potential misconfiguration in the UpdraftPlus WordPress plugin.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/wp-content/plugins/...
Matching conditions
word: Index of /, .pem, updraftplusand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability