Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

VSCode SFTP File Exposure

By kannthu

High
Vidoc logoVidoc Module
#exposure#vscode#sftp#ssh#files
Description

VSCode SFTP File Exposure

What is the "VSCode SFTP File Exposure?"

The "VSCode SFTP File Exposure" module is designed to detect a vulnerability in the VSCode SFTP extension. This module targets the sensitive files created by the extension, which may contain SFTP/SSH server details and credentials. The severity of this vulnerability is classified as high.

Author: geeknik

Impact

If exploited, this vulnerability could expose sensitive information, such as server details and credentials, to unauthorized individuals. This could potentially lead to unauthorized access to the SFTP/SSH server and compromise the security of the system.

How the module works?

The module works by sending HTTP requests to specific paths, including "/sftp.json", "/.config/sftp.json", and "/.vscode/sftp.json". It then applies matching conditions to determine if the sensitive information is exposed.

Example HTTP request:

GET /sftp.json

The module uses the following matching conditions:

- The response body must contain the words "name", "host", and "protocol". - The response header must contain the word "application/json". - The response status code must be 200.

If all the matching conditions are met, the module reports the vulnerability.

Metadata

verified: true

shodan-query: html:"sftp.json"

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/sftp.json/.config/sftp.json/.vscode/sftp.json
Matching conditions
word: "name":, "host":, "protocol":and
word: application/jsonand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability