Zend Configuration File

By kannthu

High
Vidoc Module
#config #exposure #zend #php
Description

What is the "Zend Configuration File"?

The "Zend Configuration File" module is designed to detect misconfigurations in the Zend PHP framework's configuration files. It targets applications that use the Zend framework and aims to identify potential vulnerabilities related to database credentials. This module has a high severity level and was authored by pdteam, geeknik, and Akokonunes.

Impact

If misconfigurations are found in the Zend configuration files, it could lead to unauthorized access to sensitive information, such as database credentials. This can potentially result in data breaches, unauthorized data modifications, or even complete system compromise.

How does the module work?

The "Zend Configuration File" module works by sending HTTP requests to specific paths where the Zend configuration files are commonly located. It then applies matching conditions to identify potential misconfigurations. The module checks for the presence of sensitive information, such as database passwords and usernames, within the configuration files.

Here is an example of an HTTP request that the module might send:

GET /application/configs/application.ini

The module uses three matching conditions:

    - Regex Match: It searches for lines in the configuration files that contain patterns related to database passwords and usernames.
    - Header Match: It checks if the response header contains the word "text/plain".
    - Status Match: It verifies if the HTTP response status is 200 (OK).

All three matching conditions need to be met for the module to report a potential misconfiguration.
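
The three conditions above, applied offline to captured responses from your own application. This is an added example, not Vidoc's module code. The function name `evaluate`, the `require_all_patterns` switch and the sample responses are assumptions made for illustration; the two regexes are the ones shown in the module preview.

```python
import re

# Patterns copied from the module preview on this page.
DB_PATTERNS = [re.compile(r"db.*(.password).*="), re.compile(r"db.*(.username).*=")]


def evaluate(status, headers, body, require_all_patterns=True):
    """Apply the three conditions to one captured HTTP response.

    status  -- integer status code
    headers -- dict of response headers
    body    -- response body as text
    Returns (reported, details); details maps each condition to a bool.
    """
    hits = [bool(p.search(body)) for p in DB_PATTERNS]
    # Assumption: both regexes must hit; the page does not say whether the
    # two patterns are combined with "and" or "or".
    regex_ok = all(hits) if require_all_patterns else any(hits)
    # Header match: the word "text/plain" anywhere in the response headers.
    header_blob = "\n".join(f"{k}: {v}" for k, v in headers.items()).lower()
    details = {
        "regex": regex_ok,
        "header": "text/plain" in header_blob,
        "status": status == 200,
    }
    return all(details.values()), details


# Constructed sample responses (not real captures).
EXPOSED_INI = (
    "[production]\n"
    "resources.db.adapter = PDO_MYSQL\n"
    "resources.db.params.username = app_user\n"
    "resources.db.params.password = CONSTRUCTED-PLACEHOLDER\n"
)
SAMPLES = {
    "exposed": (200, {"Content-Type": "text/plain; charset=UTF-8"}, EXPOSED_INI),
    "blocked": (403, {"Content-Type": "text/html"}, "<h1>Forbidden</h1>"),
    "soft-404": (200, {"Content-Type": "text/html"}, "<p>db settings: n/a</p>"),
    "no-creds": (200, {"Content-Type": "text/plain"}, "[production]\nphpSettings.display_errors = 0\n"),
}

if __name__ == "__main__":
    for name, (status, headers, body) in SAMPLES.items():
        reported, details = evaluate(status, headers, body)
        print(f"{name:9} reported={reported} {details}")
```

Only the first sample satisfies all three conditions. A server that answers 403 for the path, or serves it with a non-plain-text content type, is not reported even when the file exists.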

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /application/configs... /admin/configs/appli... /application.ini (+10 paths)
Matching conditions
regex: db.*(.password).*=, db.*(.username).*= and
word: text/plain and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability