2020-10-14 18:22:29 +00:00
id : elmah-log-file
info :
2022-11-24 10:35:00 +00:00
name : ELMAH Exposure
2022-11-21 10:41:54 +00:00
author : shine,idealphase
2024-05-21 07:23:30 +00:00
severity : high
2022-11-21 07:09:24 +00:00
description : |
2024-05-21 07:23:30 +00:00
ELMAH (Error Logging Modules and Handlers) is an application-wide error logging facility that is completely pluggable. It can be dynamically added to a running ASP.NET web application, or even all ASP.NET web applications on a machine, without any need for re-compilation or re-deployment. In some cases, the logs expose ASPXAUTH cookies allowing to hijack a logged in administrator session.
2022-11-21 07:09:24 +00:00
reference :
- https://code.google.com/archive/p/elmah/
- https://www.troyhunt.com/aspnet-session-hijacking-with-google/
2022-11-24 10:35:00 +00:00
metadata :
verified : true
2023-10-14 11:27:55 +00:00
max-request : 2
2022-11-24 10:35:00 +00:00
tags : logs,elmah,exposure
2020-10-14 18:22:29 +00:00
2023-04-27 04:28:59 +00:00
http :
2020-10-14 18:22:29 +00:00
- method : GET
path :
2022-11-21 07:09:24 +00:00
- "{{BaseURL}}/elmah"
2022-11-24 10:35:00 +00:00
- "{{BaseURL}}/elmah.axd"
2020-10-14 18:22:29 +00:00
2022-11-21 07:09:24 +00:00
stop-at-first-match : true
host-redirects : true
max-redirects : 2
2023-10-14 11:27:55 +00:00
2020-10-14 18:22:29 +00:00
matchers-condition : and
matchers :
- type : word
words :
- 'Error Log for'
- type : status
status :
2022-11-21 07:09:24 +00:00
- 200
2024-05-23 05:49:19 +00:00
# digest: 4b0a004830460221008a7f805258e2f9a89c6299ec951b56b46def018df7f37c2d78c43e58b5a95073022100f8859a41f2bae3ab249c313d586d1b11214f0d82728cd94b0ae57e967caa034d:922c64590222798bb761d5b6d8e72950
