🍡[Severity 3] Sensitive Data Exposure
Notes about Sensitive Data Exposure & the practical.
Sensitive Data Exposure - when a webapp accidentally exposes sensitive data. Usually consists of customer information and could also be more technical information such as usernames and passwords.
The most common way to store a large amount of data is in a database. Databases usually follow SQL syntax or sometimes NoSQL.
Sometimes databases could be stored underneath the root directory of the website which can be downlaodable and queried from our own machine.
sqlite3 is the most common flat-file database and can be interacted with most programming language.
To access a SQlite database, we can use the command, "sqlite3 <database-name>"
To see the tables in the database we can use the ".tables" command.
Practical
To begin with this practical, I navigated to the webapp located at 10.10.37.57 and looked around the page source for comments.
Nothing stood out to me on the home page so I went to the next link I saw which was the /login page. On the /login page I could see some comments in the html code.
From the comment we found in the code, we can see there is a database stored at /assets.
From here, we can answer the first two questions. The mentioned directory is /assets and the important looking file is webapp.db.
I downloaded the webapp.db file and began running sqlite3.
Last updated