
Detect Spring Gateway Actuator

By kannthu

Medium
Vidoc Module
#springboot #exposure
Description

What is the "Detect Spring Gateway Actuator" module?

The "Detect Spring Gateway Actuator" module is designed to detect vulnerabilities in the Spring Gateway Actuator software. It focuses on identifying misconfigurations or potential security issues related to the exposure of sensitive environment variables. This module has a medium severity level and was authored by wdahlenb.

Impact

If a misconfiguration or vulnerability is detected in the Spring Gateway Actuator, it could potentially expose sensitive environment variables. This could lead to unauthorized access, data breaches, or other security incidents.

How does the module work?

The "Detect Spring Gateway Actuator" module works by sending HTTP requests to specific endpoints ("/gateway/routes" and "/actuator/gateway/routes") of the Spring Gateway Actuator software. It then applies matching conditions to determine if the software is misconfigured or vulnerable.

Example HTTP request:

GET /gateway/routes
GET /actuator/gateway/routes

The module uses the following matching conditions:

- The response body must contain the words "predicate" and "route_id".
- The headers must include the word "application/json" (this matcher runs on the headers, not the body).
- The response status code must be 200.

If all of these conditions are met, the module will report a potential vulnerability or misconfiguration in the Spring Gateway Actuator.
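The matcher logic described above, re-implemented as an added example (this is not Vidoc's own code). It applies the three AND-ed conditions to an HTTP response, ships a constructed route-list sample so it runs offline, and includes an optional stdlib fetch helper for checking a gateway you administer; the route values and the `audit`/`fetch` names are assumptions.

```python
import json
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Endpoints the module probes (from the module description above).
PATHS = ["/gateway/routes", "/actuator/gateway/routes"]

@dataclass
class Response:
    status: int
    headers: Dict[str, str]   # compared case-insensitively below
    body: str

def matches(resp: Response) -> Tuple[bool, List[str]]:
    """Apply the module's three matching conditions (all must hold).
    Returns (matched, list of conditions that failed)."""
    failed = []
    if resp.status != 200:
        failed.append("status != 200")
    header_blob = " ".join(f"{k}: {v}" for k, v in resp.headers.items()).lower()
    if "application/json" not in header_blob:
        failed.append("no application/json in headers")
    if not ("predicate" in resp.body and "route_id" in resp.body):
        failed.append("body lacks 'predicate' and 'route_id'")
    return (not failed), failed

def audit(responses: Dict[str, Response]) -> List[str]:
    """Given {path: response} for your own gateway, list the paths that match."""
    return [path for path, resp in responses.items() if matches(resp)[0]]

def fetch(base_url: str, path: str, timeout: float = 5.0) -> Response:
    """Fetch one probe path from a gateway you administer (stdlib urllib only)."""
    import urllib.error, urllib.request
    req = urllib.request.Request(base_url.rstrip("/") + path, method="GET")
    try:
        with urllib.request.urlopen(req, timeout=timeout) as r:
            return Response(r.status, dict(r.headers), r.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as e:  # non-2xx still carries headers and a body
        return Response(e.code, dict(e.headers), e.read().decode("utf-8", "replace"))

# Constructed sample: the shape of a Spring Cloud Gateway route listing (values invented).
SAMPLE_ROUTES = json.dumps([{
    "predicate": "Paths: [/api/**], match trailing slash: true",
    "route_id": "example-route", "filters": [],
    "uri": "http://internal-svc:8080", "order": 0,
}])
EXPOSED = Response(200, {"Content-Type": "application/json"}, SAMPLE_ROUTES)
# Constructed negative case: endpoint not exposed, generic JSON error returned instead.
NOT_EXPOSED = Response(404, {"Content-Type": "application/json"},
                       '{"timestamp":"2024-01-01T00:00:00Z","status":404,"error":"Not Found"}')

if __name__ == "__main__":
    print(audit({PATHS[0]: EXPOSED, PATHS[1]: NOT_EXPOSED}))  # ['/gateway/routes']
```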

For more information, you can refer to the reference article.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /gateway/routes, /actuator/gateway/ro...
Matching conditions
word: predicate, route_id AND
word: application/json AND
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability