Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Detect Node Exporter Metrics

By kannthu

Low
Vidoc logoVidoc Module
#node#exposure#debug
Description

What is "Detect Node Exporter Metrics?"

The "Detect Node Exporter Metrics" module is designed to detect potential misconfigurations or vulnerabilities in the Node Exporter software. Node Exporter is a Prometheus exporter that collects system-level metrics from Linux machines. This module focuses on identifying information disclosure vulnerabilities related to garbage collection.

This module has a low severity level, indicating that the identified issues may not pose a significant threat but should still be addressed to maintain a secure system.

This module was authored by pussycat0x.

Impact

If a misconfiguration or vulnerability is detected by this module, it could potentially lead to the exposure of sensitive information related to garbage collection. This information could be leveraged by attackers to gain insights into the system's performance or identify potential weaknesses.

How does the module work?

The "Detect Node Exporter Metrics" module utilizes HTTP request templates and matching conditions to identify potential vulnerabilities or misconfigurations. It sends a GET request to the "/metrics" endpoint of the target system running Node Exporter.

The module's matching conditions include:

- Body Matcher: The module looks for specific keywords, such as "node_cooling_device" and "node_network," in the response body. If these keywords are present, it indicates a potential information disclosure vulnerability. - Status Matcher: The module checks if the HTTP response status code is 200. A successful response indicates that the target system is accessible and responsive.

By combining these matching conditions, the module determines whether the target system is potentially vulnerable to information disclosure related to garbage collection.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/metrics
Matching conditions
word: node_cooling_device, node_networkand
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability