Apache Struts in Dev Mode

By kannthu

Low
Vidoc Module
#struts #debug #edb #exposure #apache
Description

What is "Apache Struts in Dev Mode"?

The "Apache Struts in Dev Mode" module detects misconfigured Apache Struts applications that are running in development mode. Apache Struts is an open-source framework for developing Java web applications. The module focuses on identifying this misconfiguration, which attackers could exploit.

This module has a low severity level, indicating that the detected misconfigurations may not pose a significant risk but should still be addressed to ensure the security of the application.

Author: dhiyaneshDK

Impact

If misconfigurations are found in Apache Struts applications running in development mode, it could potentially expose sensitive information or provide an entry point for attackers to exploit the application. This could lead to unauthorized access, data breaches, or other security incidents.

How does the module work?

The "Apache Struts in Dev Mode" module works by analyzing the HTTP responses from the target application and matching them against specific conditions. It looks for the presence of the "<title>Struts Problem Report</title>" string in the response body and verifies that the HTTP status code is 200.

If both conditions are met, the module reports a vulnerability, indicating that the target application is running in development mode and may be susceptible to potential security risks.

Example HTTP request:

GET / HTTP/1.1
Host: example.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3

The module matches the response against the following conditions:

- The response body contains the string "<title>Struts Problem Report</title>"
- The HTTP status code is 200

If both conditions are satisfied, the module will report a vulnerability related to the Apache Struts application running in development mode.
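The two-condition match described above, written out as an added Python example (it is not Vidoc's module code). The function names, the sample responses and the case-sensitive comparison are assumptions of this example.

```python
# Added example: the module's passive matcher applied to raw HTTP responses.
# All sample responses are constructed for illustration.
MARKER = "<title>Struts Problem Report</title>"  # string from the module preview


def parse_response(raw: bytes) -> tuple[int, str]:
    """Split a raw HTTP/1.x response into (status code, body text)."""
    head, sep, body = raw.partition(b"\r\n\r\n")
    status_line = head.split(b"\r\n", 1)[0].decode("iso-8859-1")
    parts = status_line.split(" ", 2)
    if not sep or len(parts) < 2 or not parts[0].startswith("HTTP/") or not parts[1].isdigit():
        raise ValueError(f"malformed response: {status_line!r}")
    return int(parts[1]), body.decode("utf-8", errors="replace")


def is_struts_dev_mode(status: int, body: str) -> bool:
    """Both conditions must hold: marker in the body AND status code 200."""
    # Assumption: the word match is case-sensitive.
    return MARKER in body and status == 200


def build(status: int, reason: str, body: str) -> bytes:
    """Build a constructed raw response for the samples below."""
    payload = body.encode()
    head = f"HTTP/1.1 {status} {reason}\r\nContent-Length: {len(payload)}\r\n\r\n"
    return head.encode() + payload


SAMPLES = {
    "dev-mode report": build(200, "OK", f"<html><head>{MARKER}</head></html>"),
    "normal page": build(200, "OK", "<html><head><title>Home</title></head></html>"),
    "marker, status 500": build(500, "Internal Server Error", f"<html>{MARKER}</html>"),
    "lowercase title": build(200, "OK", MARKER.lower()),
}


def scan(samples: dict[str, bytes]) -> dict[str, bool]:
    """Return {label: matched} for every captured response."""
    return {label: is_struts_dev_mode(*parse_response(raw)) for label, raw in samples.items()}


if __name__ == "__main__":
    for label, hit in scan(SAMPLES).items():
        print(f"{label:20} -> {'report' if hit else 'no match'}")
```

Only the first sample is reported: the others fail one of the two conditions, which shows that a problem report served with a non-200 status would not be matched by this rule.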

Reference: https://www.exploit-db.com/ghdb/4278

Module preview

Concurrent Requests (0)
Passive global matcher
word: <title>Struts Problem Report</title>
and
status: 200
On match action
Report vulnerability