Vulnerability description
Detected exposed Azure Functions host.json configuration files. The exposed metadata revealed sensitive runtime, logging, extension, and infrastructure settings that could aid attackers in understanding the application architecture.
```yaml
id: azure-functions-hostjson-exposure

info:
  name: Azure Functions host.json Configuration Exposure
  author: pussycat0x
  severity: medium
  description: |
    Detected exposed Azure Functions host.json configuration files. The exposed metadata revealed sensitive runtime, logging, extension, and infrastructure settings that could aid attackers in understanding the application architecture.
  metadata:
    max-request: 1
    verified: false
  tags: azure,config,exposure,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/host.json"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"version"'

      - type: word
        part: body
        words:
          - '"extensionBundle"'
          - '"functionTimeout"'
          - '"logging"'
          - '"extensions"'
          - '"healthMonitor"'
          - '"singleton"'
          - '"concurrency"'
          - '"Microsoft.Azure.Functions.ExtensionBundle"'
        condition: or

      - type: status
        status:
          - 200
# digest: 4a0a00473045022100c523684b6d13e147d9da673f440bd6b53bb66af1683dc1bf88b26c78faaebc16022073a91f758d58579420dded447847bb8ad304a5ad6301df2ee81633cc61f0d2ca:922c64590222798bb761d5b6d8e72950
```
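As an added example, not part of the template above or of the nuclei project: a Python re-implementation of the template's matcher logic, run offline over constructed sample responses, so a defender can see which responses the template flags (a 200 with `"version"` plus at least one host.json-specific key) and which it passes over. The `Response` class and every sample body below are constructed for this example.

```python
# Offline mirror of the nuclei template's matchers: status 200 AND '"version"'
# in the body AND any one of the host.json-specific keys in the body.
# Response objects and bodies are constructed samples, not captured traffic.
import json
from dataclasses import dataclass

REQUIRED_WORD = '"version"'
ANY_OF_WORDS = (
    '"extensionBundle"', '"functionTimeout"', '"logging"', '"extensions"',
    '"healthMonitor"', '"singleton"', '"concurrency"',
    '"Microsoft.Azure.Functions.ExtensionBundle"',
)


@dataclass
class Response:
    status: int
    body: str


def matches_template(resp: Response) -> bool:
    """True when all three matchers pass (matchers-condition: and)."""
    if resp.status != 200:
        return False
    if REQUIRED_WORD not in resp.body:
        return False
    # second word matcher uses condition: or, so any single hit suffices
    return any(word in resp.body for word in ANY_OF_WORDS)


def exposed_settings(resp: Response) -> list[str]:
    """Top-level host.json keys visible in a matching response (empty otherwise)."""
    if not matches_template(resp):
        return []
    try:
        data = json.loads(resp.body)
    except ValueError:
        return []  # matched on substrings but body is not JSON
    return sorted(data) if isinstance(data, dict) else []


# Constructed sample responses covering the cases the template distinguishes.
EXPOSED = Response(200, json.dumps({
    "version": "2.0",
    "functionTimeout": "00:05:00",
    "logging": {"logLevel": {"default": "Information"}},
    "extensionBundle": {"id": "Microsoft.Azure.Functions.ExtensionBundle",
                        "version": "[4.*, 5.0.0)"},
}))
NOT_FOUND = Response(404, "Not Found")
HTML_FALLBACK = Response(200, "<html><body>version 2 logging page</body></html>")
UNRELATED_JSON = Response(200, json.dumps({"version": "1.0", "name": "widget"}))
```

`HTML_FALLBACK` shows why the matchers quote the keys: the bare words appear in the page, but the quoted JSON keys do not, so a catch-all 200 page is not reported.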