2020-10-14 18:22:29 +00:00
id : elmah-log-file
info :
2022-11-24 10:35:00 +00:00
name : ELMAH Exposure
2022-11-21 10:41:54 +00:00
author : shine,idealphase
2024-05-21 07:23:30 +00:00
severity : high
2022-11-21 07:09:24 +00:00
description : |
2024-05-21 07:23:30 +00:00
ELMAH (Error Logging Modules and Handlers) is an application-wide error logging facility that is completely pluggable. It can be dynamically added to a running ASP.NET web application, or even all ASP.NET web applications on a machine, without any need for re-compilation or re-deployment. In some cases, the logs expose ASPXAUTH cookies allowing to hijack a logged in administrator session.
2022-11-21 07:09:24 +00:00
reference :
- https://code.google.com/archive/p/elmah/
- https://www.troyhunt.com/aspnet-session-hijacking-with-google/
2022-11-24 10:35:00 +00:00
metadata :
verified : true
2023-10-14 11:27:55 +00:00
max-request : 2
2022-11-24 10:35:00 +00:00
tags : logs,elmah,exposure
2020-10-14 18:22:29 +00:00
2023-04-27 04:28:59 +00:00
http :
2020-10-14 18:22:29 +00:00
- method : GET
path :
2022-11-21 07:09:24 +00:00
- "{{BaseURL}}/elmah"
2022-11-24 10:35:00 +00:00
- "{{BaseURL}}/elmah.axd"
2020-10-14 18:22:29 +00:00
2022-11-21 07:09:24 +00:00
stop-at-first-match : true
host-redirects : true
max-redirects : 2
2023-10-14 11:27:55 +00:00
2020-10-14 18:22:29 +00:00
matchers-condition : and
matchers :
- type : word
words :
- 'Error Log for'
- type : status
status :
2022-11-21 07:09:24 +00:00
- 200
2023-10-20 11:41:13 +00:00
# digest: 4a0a00473045022041713d43c8599e2c01d09ef6c0cc98279b9480702f417395ce30e008679c2f890221008ca2a38749c9eeeb1c8a9ad56ae4a3425e0fc15e26b343eae714e798e222dd5e:922c64590222798bb761d5b6d8e72950
