Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "WordPress wp-config Detection" module is designed to detect the presence of the wp-config.php file in a WordPress installation. This file contains sensitive information such as database credentials and is remotely accessible, making it a potential security risk. The severity of this vulnerability is classified as medium.
This module was authored by Kiblyn11, zomsop82, madrobot, geeknik, daffainfo, r12w4n, and tess.
If the wp-config.php file is accessible and its content can be read, an attacker could potentially obtain sensitive information such as the database name and password. This information can be used to gain unauthorized access to the WordPress site and its underlying database.
The "WordPress wp-config Detection" module sends HTTP requests to various paths commonly associated with the wp-config.php file, such as "/wp-config.php" and "/wp-config-sample.php". It then applies matching conditions to determine if the file is present and if it contains specific keywords, such as "DB_NAME" and "DB_PASSWORD". Additionally, it checks if the HTTP response status is 200, indicating a successful request.
Here is an example of an HTTP request sent by the module:
GET /wp-config.php HTTP/1.1
Host: example.com
The module matches the response body for the presence of "DB_NAME" and "DB_PASSWORD" and verifies that the response status is 200.