Healthix Vulnerability and Penetration Testing Report
- Doreen G. Wamiti
Ref | Observation | Impact | Risk Rating | Recommendation |
2020 W 5.2.1 | Database Credential in Error Message Database credentials leaked in error message. During login on http://104.248.143.105:8000/api/admin/ the application takes long to respond and eventually throws an error. | The credentials leaked can be used to compromise the database and the data. | 
| Disable debugging on the application and correct the response time on the application. |
2020 W 5.2.2 | Debug enabled on http://104.248.143.105:8000/ When visiting the above URL, we are present with a page that suggests possible directory on the server. This happens when the debug mode is enabled on the application. | The information presented on the page gives more info that may used but an attacker to attack the application. | 
| Disable debugging on the application. |
2020 W 5.2.3 | SSH and other ports found on the server The IPs 104.248.143.105, 104.236.39.170 and 104.236.37.64 have ports 22, 53, 443 and others open. | Some of the ports,such as 22 can be abused by attackers by doing a bruteforce attack which may lead to DDoS attack. |
| Disable unused ports. |
Ref | Observation | Impact | Risk Rating | Recommendation |
2020 W 5.2.4 | GraphQL Console Enabled The endpoint http://104.248.143.105:8000/api/graphql gives a graphql web interface that is accessible without credentials, the interface allows for graphql queries to the server. | The interface can be abused by an attacker to bruteforce the queries. |
| Restrict access to the console or disable the console. |
Evidence
1. Database Credential in Error Message
2. Debug enabled on http://104.248.143.105:8000/
3. SSH and other ports found on the server
4. GraphQL Console Enabled
Did you encounter a problem or do you have a suggestion?
Please contact our Service Desk
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. https://creativecommons.org/licenses/by-sa/4.0/