• Creation
  • Validation
  • Communication & fix
  • Disclosure

VirtuPharma / Credentials exposure through .env file
iampritam reported 2021-09-28

Description

Certain credentials are exposed due to the exposure of .env file.

Exposing URL

https://virtupharma.com.au/.env

Resolution

.env should be removed and/or hidden by the webserver

IP:
175.45.125.220
Port:
8443
Detected protocol:
https
Vulnerable URL:
https://virtupharma.com.au:8443/.env 
APP_NAME=Virtupharma
APP_ENV=production
APP_KEY=base64:<redacted>
APP_DEBUG=true
APP_URL=https://virtupharma.com.au/

LOG_CHANNEL=stack

DB_CONNECTION=mysql
DB_HOST=localhost
DB_PORT=3306
DB_DATABASE= <redacted>
DB_USERNAME= virtupharma_db
DB_PASSWORD= <redacted>

BROADCAST_DRIVER=log
CACHE_DRIVER=file
QUEUE_CONNECTION=sync
SESSION_DRIVER=file
SESSION_LIFETIME=120

CAPTCHA_SITE_KEY=<redacted>
CAPTCHA_SECRET_KEY=<redacted>

REDIS_HOST=127.0.0.1
REDIS_PASSWORD=null
REDIS_PORT=6379

MAIL_DRIVER=smtp
MAIL_HOST=smtp.googlemail.com
MAIL_PORT=465
MAIL_USERNAME=<redacted>@gmail.com
MAIL_PASSWORD=<redacted>
MAIL_ENCRYPTION=ssl
MAIL_FROM_ADDRESS=no-reply@virtupharma.com.au
MAIL_FROM_NAME="${APP_NAME}"

AWS_ACCESS_KEY_ID=
AWS_SECRET_ACCESS_KEY=
AWS_DEFAULT_REGION=us-east-1
AWS_BUCKET=

PUSHER_APP_ID=1010475
PUSHER_APP_KEY=<redacted>
PUSHER_APP_SECRET=<redacted>
PUSHER_APP_CLUSTER=us2


MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}"
MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}"
Found by DotEnvConfigPlugin 2021-09-26
Report created by iampritam  2021-09-28
BloodyShell commented 2021-09-28: approved shows in report 

This seems fixed already.

Report comment dispatched to iampritam by system 2021-09-28
Report edited by iampritam  2021-09-28
BloodyShell commented 2021-09-28: approved shows in report 

Not fixed, it moved from port 8443 to port 443

Report comment dispatched to iampritam by system 2021-09-28
Report approved by BloodyShell  2021-09-28
New PDF report generated by system 2021-09-28
Report dispatched to ...@... by system 2021-09-28
BloodyShell commented 2021-10-07: approved shows in report 

Message sent to  Mariam Martin-Mnatsakanyan trough LinkedIn

New PDF report generated by system 2021-10-07
Report comment dispatched to iampritam by system 2021-10-07
Report comment dispatched to info@virtupharma.com.au by system 2021-10-07
BloodyShell commented 2021-10-14: approved shows in report 

Hi we still notice the file at https://virtupharma.com.au/.env

New PDF report generated by system 2021-10-14
Report comment dispatched to iampritam by system 2021-10-14
Report comment dispatched to info@virtupharma.com.au by system 2021-10-14
BloodyShell commented 2021-10-14: approved shows in report 

Message sent to  Mariam Martin-Mnatsakanyan trough LinkedIn again.

New PDF report generated by system 2021-10-14
Report comment dispatched to iampritam by system 2021-10-14
Report comment dispatched to info@virtupharma.com.au by system 2021-10-14
Report marked as fixed by BloodyShell  2021-10-16
Report edited by BloodyShell  2021-10-16
New PDF report generated by system 2021-10-16
Report closed by BloodyShell  2021-10-16
New PDF report generated by system 2021-10-16
BloodyShell commented 2021-10-16: approved shows in report 

Finally returning 403, closed.

New PDF report generated by system 2021-10-16
Report comment dispatched to iampritam by system 2021-10-16
Report comment dispatched to info@virtupharma.com.au by system 2021-10-16
Report edited by BloodyShell  2021-10-16
New PDF report generated by system 2021-10-16
Information
Owner VirtuPharma
Created 2021-09-28 13:06
Updated 2021-10-16 20:43
Fixed true
Contacts
i...@virtupharma.com.au
Status
Status closed
Hosting contacted false
CERT contacted false
Download report

© 2024 LeakIX
About LeakIX - Credits - Take-down and blacklist requests - Security issues - Terms and conditions - Cookie policy - Legal notice