Ruby Rails Master Key Exposed

Description

The Rails master key exposure detector identifies cryptographic master keys used by Rails applications that have been inadvertently committed to version control or stored in accessible locations. The Rails master key decrypts the application's credentials and secrets, so exposure could allow attackers to decrypt sensitive application data and access production secrets.

Weakness:

009 - Sensitive information in source code

Category: Information Collection

Detection Strategy

    Check if the file path matches expected Rails master key file locations (typically config/master.key)

    Verify that the file content matches the expected format pattern for a Rails master key

    Report vulnerability when both conditions are met: file is in master key path AND content follows Rails master key format
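
The strategy above as an added Ruby example; it is not the detector's own code, and the names `KEY_PATH`, `KEY_FORMAT`, `Finding` and `scan` are hypothetical. It assumes the Rails default of a 32-character lowercase hex key and, going beyond the single path named above, also covers per-environment keys under config/credentials/.

```ruby
# Added example: path + format check for committed Rails master keys.
require "digest"

# Assumption: default Rails locations. config/master.key is the path named on
# this page; config/credentials/<env>.key is the per-environment variant.
KEY_PATH = %r{(?:\A|/)config/(?:master\.key|credentials/[^/]+\.key)\z}

# Assumption: Rails-generated keys are 32 lowercase hex characters
# (16 random bytes, hex-encoded), optionally followed by whitespace.
KEY_FORMAT = /\A[0-9a-f]{32}\s*\z/

Finding = Struct.new(:path, :fingerprint)

def master_key_path?(path)
  # Normalise Windows separators so both path styles are checked the same way.
  KEY_PATH.match?(path.tr("\\", "/"))
end

def master_key_format?(content)
  KEY_FORMAT.match?(content)
end

# files: hash of repository-relative path => file content.
# Returns one Finding per file that satisfies BOTH conditions.
def scan(files)
  files.filter_map do |path, content|
    next unless master_key_path?(path) && master_key_format?(content)
    # Report a short hash, never the key itself, so the finding is safe to log.
    Finding.new(path, Digest::SHA256.hexdigest(content.strip)[0, 12])
  end
end

# Constructed sample tree; the key values are made up for this example.
SAMPLE = {
  "config/master.key" => "0123456789abcdef0123456789abcdef\n",
  "config/credentials/production.key" => "fedcba9876543210fedcba9876543210",
  "config/master.key.example" => "0123456789abcdef0123456789abcdef",
  "docs/master.key" => "0123456789abcdef0123456789abcdef",
  "vendor/app/config/master.key" => "replace-me",
  "config/credentials.yml.enc" => "c2FtcGxl--c2FtcGxl--c2FtcGxl"
}.freeze

if __FILE__ == $PROGRAM_NAME
  scan(SAMPLE).each { |f| puts "#{f.path} (sha256:#{f.fingerprint})" }
end
```

Only the first two sample entries are reported: the others fail either the path check (wrong directory, `.example` suffix, the encrypted credentials file) or the format check (placeholder content).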

Vulnerable code example

debug = true  # Enables debug mode, exposing sensitive information

✅ Secure code example

debug = false  # Disable debug mode in production to prevent information exposure