Vulnerability Description
Detected exposed Visual Studio Code configuration files that were accessible over HTTP, which could have led to credential leakage or sensitive workspace disclosure.
id: vscode-settings

info:
  name: Visual Studio Code Settings - Credential Exposure
  author: DhiyaneshDk
  severity: low
  description: |
    Detected exposed Visual Studio Code configuration files that were accessible over HTTP, which could have led to credential leakage or sensitive workspace disclosure.
  metadata:
    max-request: 3
    verified: true
    shodan-query: html:".vscode" html:"Directory listing for /"
  tags: exposure,config,vscode,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/.vscode/settings.json"
      - "{{BaseURL}}/settings.json"
      - "{{BaseURL}}/.vscode/launch.json"
      - "{{BaseURL}}/.vscode/tasks.json"
      - "{{BaseURL}}/.vscode-server/data/Machine/settings.json"

    stop-at-first-match: true
    matchers:
      - type: dsl
        name: launch
        dsl:
          - 'status_code == 200'
          - 'contains(content_type, "application/json")'
          - 'contains_all(body, "launch", "configurations")'
        condition: and

      - type: dsl
        name: settings
        dsl:
          - 'status_code == 200'
          - 'contains(content_type, "application/json")'
          - 'contains_any(body, "ignoreLimitWarning", "yaml.schemas", "search.exclude", "sqltools.connections", "python", "livePreview", "multipliers", "matchCommandLine", "errorSquiggles", "editor")'
        condition: and

      - type: dsl
        name: task
        dsl:
          - 'status_code == 200'
          - 'contains(content_type, "application/json")'
          - 'contains_all(body, "version", "tasks")'
        condition: and
# digest: 4b0a004830460221009ecf2292d217407584a033826411915d040135b41e0c70b7d765e13598e8eeee022100db88fd7cb72cbe93ed319df3b6072ec2bc5c08a22a25379cd6f6a77577188e8f:922c64590222798bb761d5b6d8e72950
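A pre-deployment audit of a web root against the same paths and body keywords, as an added example that is not part of the template or the nuclei project. It applies only the template's body conditions (the status code and content type checks have no on-disk equivalent), and the function names and sample files are constructed for illustration.

```python
import os
import tempfile

# Request paths from the template, relative to the web root.
PROBED_PATHS = [
    ".vscode/settings.json", "settings.json", ".vscode/launch.json",
    ".vscode/tasks.json", ".vscode-server/data/Machine/settings.json",
]
# Body conditions copied from the template's dsl matchers (substring tests).
MATCHERS = {
    "launch": lambda b: all(w in b for w in ("launch", "configurations")),
    "settings": lambda b: any(w in b for w in (
        "ignoreLimitWarning", "yaml.schemas", "search.exclude",
        "sqltools.connections", "python", "livePreview", "multipliers",
        "matchCommandLine", "errorSquiggles", "editor")),
    "task": lambda b: all(w in b for w in ("version", "tasks")),
}

def matched_names(body):
    """Names of the template matchers whose body condition holds."""
    return [name for name, cond in MATCHERS.items() if cond(body)]

def audit_webroot(root):
    """Map each probed path present under root to the matchers it satisfies."""
    findings = {}
    for rel in PROBED_PATHS:
        full = os.path.join(root, *rel.split("/"))
        if os.path.isfile(full):
            with open(full, encoding="utf-8", errors="replace") as fh:
                names = matched_names(fh.read())
            if names:
                findings[rel] = names
    return findings

def build_sample_webroot():
    """Create a constructed web root (sample data, not from the page)."""
    root = tempfile.mkdtemp()
    samples = {
        ".vscode/settings.json": '{"sqltools.connections": [{"password": "CONSTRUCTED"}]}',
        ".vscode/launch.json": '{"configurations": [{"type": "python", "request": "launch"}]}',
        "settings.json": '{"theme": "dark"}',  # unrelated app file, no keyword hit
    }
    for rel, body in samples.items():
        full = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(body)
    return root

if __name__ == "__main__":
    for path, names in audit_webroot(build_sample_webroot()).items():
        print(path, names)
```

The sample `launch.json` satisfies both the `launch` and `settings` body conditions because the keywords are plain substrings, so a hit on `settings` alone should be confirmed by reading the file.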