generic-db: Added checking of SQLite database files exposure.
parent
56a3faa04a
commit
746631b37f
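--- /dev/null
+++ b/UNKNOWN_PATH/generic-db.yaml
@@ -0,0 +1,151 @@
+id: generic-db
+
+info:
+  name: Generic DB file exposure
+  author: Michal Mikolas (nanuqcz)
+  severity: high
+  description: This is collection of some web frameworks recommendation or default configuration for SQLite database file location. If this file is publicly accessible due to server misconfiguration, it could result in application data leak including users sensitive data, password hashes etc.
+  reference:
+    - https://laravel.com/docs/11.x/database#sqlite-configuration # database/database.sqlite
+    - https://laravel.com/docs/5.2/database # database/database.sqlite
+    - https://github.com/laracasts/larabook/blob/master/app/config/database.php#L51 # app/database/production.sqlite
+    - https://forum.codeigniter.com/post-389846.html # writable/db.sqlite3
+    - https://github.com/codeigniter4projects/playground/blob/develop/.env.example#L33 # writable/database.db
+    - https://symfony.com/doc/current/doctrine.html#configuring-the-database # var/app.db
+    - https://symfony.com/doc/4.x/doctrine.html#configuring-the-database # var/app.db
+    - https://symfony.com/doc/3.x/doctrine.html # app/sqlite.db
+    - https://symfony.com/doc/2.x/doctrine.html # sqlite.db
+    - https://openclassrooms.com/forum/sujet/symfony3-sqlite-could-not-create-database # var/data/db.sqlite
+    - https://symfony.com/doc/current/reference/configuration/doctrine.html#doctrine-dbal-configuration # var/data/data.sqlite
+    - https://stackoverflow.com/questions/31762878/sqlite-3-database-with-django # db.sqlite3
+    - https://medium.com/@codewithbushra/using-sqlite-as-a-database-backend-in-django-projects-code-with-bushra-d23e3100686e # db.sqlite3
+    - https://gist.github.com/jwo/4512764?permalink_comment_id=2235763#gistcomment-2235763 # db/production.sqlite3
+    - https://stackoverflow.com/a/30345819/1632572 # db/production.sqlite3
+    - https://developerhowto.com/2018/12/29/build-a-rest-api-with-node-js-and-express-js/ # db.sqlite
+    - https://sqldocs.org/sqlite/sqlite-nodejs/ # mydb.sqlite
+    - https://stackoverflow.com/questions/41620788/error-database-connection-sqlite-is-missing-or-could-not-be-created-cakephp # app/data/app_db.sqlite
+    - https://stackoverflow.com/questions/2722383/using-sqlite3-with-cakephp # app/webroot/database.sqlite, app/database.sqlite
+    - https://levelup.gitconnected.com/how-to-connect-and-use-the-sqlite-database-in-codeigniter-3-48cd50d3e78d # application/databases/db.sqlite
+    - https://turmanauli.medium.com/how-to-connect-codeigniter-to-sqlite3-database-like-a-pro-2177497a6d30 # application/db/database.sqlite
+    - https://forum.codeigniter.com/thread-74522.html # application/Database/db1.db
+    - https://stackoverflow.com/a/37088960/1632572 # application/database/data.db
+    - https://docs.laminas.dev/tutorials/getting-started/database-and-models/ # data/*.db
+    - https://phalcon-nucleon.github.io/#!database/getting-started.html # storage/database/database.sqlite
+    - https://www.yiiframework.com/doc/blog/1.1/en/prototype.database # protected/data/*.db
+    - https://pusher.com/tutorials/rest-api-slim-part-1/ # db/database.db
+    - https://www.digitalocean.com/community/tutorials/how-to-use-the-fat-free-php-framework # db/database.sqlite
+    - https://doc.nette.org/en/database/configuration#toc-single-connection # app/Model/*.db
+  classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
+  metadata:
+    verified: true
+  tags: database,exposure,sqlite,sqlite3
+
+http:
+  - method: GET
+    path:
+      # Recommended paths found in framework official docs or unofficial tutorials
+      - "{{BaseURL}}/database/database.sqlite"
+      - "{{BaseURL}}/database/production.sqlite"
+      - "{{BaseURL}}/app/database/production.sqlite"
+      - "{{BaseURL}}/writable/db.sqlite3"
+      - "{{BaseURL}}/writable/database.db"
+      - "{{BaseURL}}/var/app.db"
+      - "{{BaseURL}}/var/data/db.sqlite"
+      - "{{BaseURL}}/var/data/data.sqlite"
+      - "{{BaseURL}}/app/sqlite.db"
+      - "{{BaseURL}}/sqlite.db"
+      - "{{BaseURL}}/db.sqlite3"
+      - "{{BaseURL}}/db/production.sqlite3"
+      - "{{BaseURL}}/db.sqlite"
+      - "{{BaseURL}}/mydb.sqlite"
+      - "{{BaseURL}}/app/data/app_db.sqlite"
+      - "{{BaseURL}}/app/webroot/database.sqlite"
+      - "{{BaseURL}}/app/database.sqlite"
+      - "{{BaseURL}}/application/databases/db.sqlite"
+      - "{{BaseURL}}/application/db/database.sqlite"
+      - "{{BaseURL}}/application/Database/db1.db"
+      - "{{BaseURL}}/application/database/data.db"
+      - "{{BaseURL}}/data/app.db"
+      - "{{BaseURL}}/data/sqlite.db"
+      - "{{BaseURL}}/data/sqlite3.db"
+      - "{{BaseURL}}/data/database.db"
+      - "{{BaseURL}}/data/production.db"
+      - "{{BaseURL}}/storage/database/database.sqlite"
+      - "{{BaseURL}}/protected/data/app.db"
+      - "{{BaseURL}}/protected/data/sqlite.db"
+      - "{{BaseURL}}/protected/data/sqlite3.db"
+      - "{{BaseURL}}/protected/data/database.db"
+      - "{{BaseURL}}/protected/data/production.db"
+      - "{{BaseURL}}/db/database.db"
+      - "{{BaseURL}}/db/database.sqlite"
+      - "{{BaseURL}}/app/Model/app.db"
+      - "{{BaseURL}}/app/Model/sqlite.db"
+      - "{{BaseURL}}/app/Model/sqlite3.db"
+      - "{{BaseURL}}/app/Model/database.db"
+      - "{{BaseURL}}/app/Model/production.db"
+
+      # General paths
+      - "{{BaseURL}}/app.db"
+      - "{{BaseURL}}/sqlite3.db"
+      - "{{BaseURL}}/app.sqlite"
+      - "{{BaseURL}}/app.sqlite3"
+      - "{{BaseURL}}/database.db"
+      - "{{BaseURL}}/database.sqlite"
+      - "{{BaseURL}}/database.sqlite3"
+      - "{{BaseURL}}/production.db"
+      - "{{BaseURL}}/production.sqlite"
+      - "{{BaseURL}}/production.sqlite3"
+      - "{{BaseURL}}/db/db.sqlite"
+      - "{{BaseURL}}/db/db.sqlite3"
+      - "{{BaseURL}}/db/sqlite.db"
+      - "{{BaseURL}}/db/sqlite3.db"
+      - "{{BaseURL}}/db/app.db"
+      - "{{BaseURL}}/db/app.sqlite"
+      - "{{BaseURL}}/db/app.sqlite3"
+      - "{{BaseURL}}/db/database.sqlite3"
+      - "{{BaseURL}}/db/production.db"
+      - "{{BaseURL}}/db/production.sqlite"
+      - "{{BaseURL}}/app/db.sqlite"
+      - "{{BaseURL}}/app/db.sqlite3"
+      - "{{BaseURL}}/app/sqlite3.db"
+      - "{{BaseURL}}/app/app.db"
+      - "{{BaseURL}}/app/app.sqlite"
+      - "{{BaseURL}}/app/app.sqlite3"
+      - "{{BaseURL}}/app/database.db"
+      - "{{BaseURL}}/app/database.sqlite3"
+      - "{{BaseURL}}/app/production.db"
+      - "{{BaseURL}}/app/production.sqlite"
+      - "{{BaseURL}}/app/production.sqlite3"
+      - "{{BaseURL}}/data/db.sqlite"
+      - "{{BaseURL}}/data/db.sqlite3"
+      - "{{BaseURL}}/data/app.sqlite"
+      - "{{BaseURL}}/data/app.sqlite3"
+      - "{{BaseURL}}/data/database.sqlite"
+      - "{{BaseURL}}/data/database.sqlite3"
+      - "{{BaseURL}}/data/production.sqlite"
+      - "{{BaseURL}}/data/production.sqlite3"
+      - "{{BaseURL}}/database/db.sqlite"
+      - "{{BaseURL}}/database/db.sqlite3"
+      - "{{BaseURL}}/database/sqlite.db"
+      - "{{BaseURL}}/database/sqlite3.db"
+      - "{{BaseURL}}/database/app.db"
+      - "{{BaseURL}}/database/app.sqlite"
+      - "{{BaseURL}}/database/app.sqlite3"
+      - "{{BaseURL}}/database/database.db"
+      - "{{BaseURL}}/database/database.sqlite3"
+      - "{{BaseURL}}/database/production.db"
+      - "{{BaseURL}}/database/production.sqlite3"
+
+    matchers-condition: and
+    matchers:
+      - type: status
+        status:
+          - 200
+
+      - type: word
+        part: body
+        negative: true
+        words:
+          - "<html"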
|