Write-up

Docker file exposure

Bug Name :- info leaking
Bug Priority :- High

      

Description

A Docker configuration file was found in this directory. This file may expose sensitive information that could help a malicious user prepare more advanced attacks. In this case it gives full-privilege access to the MySQL DB.

Impact

The file exposes MySQL credentials. These files may disclose sensitive information, which can be used to launch further attacks.

Hints

Always look for .yaml or .yml files

POC

        
version: '3'

services:
  website:
    build:
      context: ./
      dockerfile: Dockerfile_**_local
    environment:
      - DB_HOSTNAME_PROD=mysql**.com
      - DB_USERNAME_PROD=**@mysql-**
      - DB_PASSWORD_PROD=***
    volumes:
      - ./:/var/www/html
    ports:
      - 80:80
      - 443:443
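
A pre-deployment check for the two patterns visible in the PoC, inline credentials under `environment` and the project root bind-mounted into a web root, added here as an example and not part of the original write-up. The function name, the key-name patterns and the web-root list are assumptions, and the scanner is a line-based heuristic rather than a full YAML parser.

```python
import re

# Constructed sample modelled on the redacted PoC; every value is a placeholder.
SAMPLE = """\
version: '3'
services:
  website:
    environment:
      - DB_HOSTNAME_PROD=db.example.invalid
      - DB_PASSWORD_PROD=constructed-placeholder
      - API_TOKEN=${API_TOKEN}
    volumes:
      - ./:/var/www/html
      - dbdata:/var/lib/mysql
"""

# Assumed heuristics (not from the write-up): secret-like key names and web roots.
SECRET_KEY = re.compile(r"PASS|SECRET|TOKEN|KEY", re.I)
ENV_ITEM = re.compile(r"(?:-\s*)?['\"]?(\w+)\s*[=:]\s*(\S.*)$")
BIND = re.compile(r"-\s*['\"]?([^:'\"]+):(/[^:'\"]*)")
WEB_ROOTS = ("/var/www", "/usr/share/nginx/html", "/usr/local/apache2/htdocs")

def audit_compose(text):
    """Return (line_no, finding, detail) tuples for a docker-compose file."""
    findings, section, sec_indent = [], None, -1
    for n, raw in enumerate(text.splitlines(), 1):
        body = raw.strip()
        if not body or body.startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        if body in ("environment:", "volumes:"):
            section, sec_indent = body[:-1], indent
            continue
        # Section ends on a dedent, or on a sibling key at the same indent.
        if indent < sec_indent or (indent == sec_indent and not body.startswith("-")):
            section = None
        if section == "environment":
            m = ENV_ITEM.match(body)
            # A literal value is a finding; ${VAR} interpolation is not.
            if m and SECRET_KEY.search(m.group(1)) and not m.group(2).startswith("${"):
                findings.append((n, "inline-credential", m.group(1)))
        elif section == "volumes":
            m = BIND.match(body)
            # Project root in a web root puts a compose file kept there under it too.
            if m and m.group(1).rstrip("/") == "." and m.group(2).startswith(WEB_ROOTS):
                findings.append((n, "project-root-in-webroot", m.group(2)))
    return findings

if __name__ == "__main__":
    for finding in audit_compose(SAMPLE):
        print(finding)
```

Run it against compose files before deployment; any finding means the value should move to an injected environment variable or secret store, or the mount should be narrowed to the directory that is meant to be public.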