Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

WordPress debug log

By kannthu

Low
Vidoc logoVidoc Module
#wordpress#log
Description

What is the "WordPress debug log?"

The WordPress Debug Log module is designed to detect misconfigurations in a WordPress website by scanning for the presence of a Debug Log. This module specifically targets WordPress sites and is an essential tool for identifying potential issues. The severity of this misconfiguration is classified as low.

Impact

A misconfigured WordPress debug log can expose sensitive information about the website, including PHP errors, warnings, and notices. This can potentially aid attackers in identifying vulnerabilities and exploiting them.

How the module works?

The WordPress Debug Log module works by sending an HTTP GET request to the "/wp-content/debug.log" path on the target WordPress website. It then applies a series of matching conditions to determine if the debug log is present and accessible.

The matching conditions include:

- The response header must contain either "octet-stream" or "text/plain" as part of its content type. - The response body must match the regular expression pattern "[[0-9]{2}-[a-zA-Z]{3}-[0-9]{4} [0-9]{2}:[0-9]{2}:[0-9]{2} [A-Z]{3}] PHP", which represents the format of a PHP error log entry. - The HTTP response status code must be 200, indicating a successful request.

If all of these conditions are met, the module reports a potential misconfiguration in the WordPress debug log.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/wp-content/debug.lo...
Matching conditions
word: octet-stream, text/plainand
regex: [[0-9]{2}-[a-zA-Z]{3}-[0-9]{4} [0-9]{2}:...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability