
Detect Springboot autoconfig Actuator

By kannthu

Severity: Low
Vidoc Module
Tags: #springboot #exposure
Description

What is the "Detect Springboot autoconfig Actuator" module?

The "Detect Springboot autoconfig Actuator" module is designed to detect misconfigurations in Spring Boot applications related to the Actuator feature. Spring Boot Actuator provides endpoints to monitor and manage your application, and auto-configuration is a key feature that automatically configures these endpoints based on your application's dependencies.

This module targets Spring Boot applications and checks whether the Actuator auto-configuration report, which lists the auto-configuration candidates that matched at startup, is served over HTTP. It helps identify potential issues with the application's Actuator configuration, allowing developers to confirm that only the intended auto-configurations are applied and that the report itself is not exposed.

This module has a low severity level, indicating that the detected misconfigurations may not pose significant security risks but should still be addressed to ensure optimal application performance and functionality.

Author: pussycat0x

Impact

The misconfigurations detected by this module can impact the behavior and functionality of the Spring Boot Actuator feature. Incorrect or missing auto-configurations may result in the Actuator endpoints not being properly configured, leading to limited or inaccurate monitoring and management capabilities for the application.

How does the module work?

The "Detect Springboot autoconfig Actuator" module works by sending HTTP requests to the endpoints that serve the Spring Boot Actuator auto-configuration report. It then applies matching conditions to determine whether the expected auto-configuration candidates appear in the response and whether the HTTP response status is the expected one.

Concretely, the module sends a GET request to the "/autoconfig" and "/actuator/autoconfig" endpoints. It checks the response body for the words "positiveMatches", "AuditAutoConfiguration#auditListener", and "EndpointAutoConfiguration#beansEndpoint", and it verifies that the HTTP response status is 200 (OK).

If all the matching conditions are met, the module reports a potential misconfiguration related to the Actuator auto-configuration. This information can be used by developers to investigate and resolve any issues with the Actuator configuration in their Spring Boot applications.
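The matching logic described above, written out as an added example (this is not Vidoc's module code) and run over constructed responses, so a defender can see which replies from their own application would trigger the report and which would not; treating every listed word as required is an assumption, since the page only shows the word list combined with the status condition by "and":

```python
# Added example, not Vidoc's own code. Treating every listed word as required
# is an assumption; the page shows the word list combined with status by "and".
from dataclasses import dataclass

PROBE_PATHS = ("/autoconfig", "/actuator/autoconfig")  # paths from the page
REQUIRED_WORDS = (                                      # words from the page
    "positiveMatches",
    "AuditAutoConfiguration#auditListener",
    "EndpointAutoConfiguration#beansEndpoint",
)

@dataclass
class HttpResponse:
    status: int
    body: str

def autoconfig_report_exposed(resp: HttpResponse) -> bool:
    """Module condition: HTTP 200 AND every required word present in the body."""
    return resp.status == 200 and all(w in resp.body for w in REQUIRED_WORDS)

def exposed_paths(responses: dict) -> list:
    """Probed paths (in module order) whose response satisfied the condition."""
    return [p for p in PROBE_PATHS
            if p in responses and autoconfig_report_exposed(responses[p])]

# Constructed sample bodies shaped like the Actuator auto-configuration report;
# not captured from any real application.
EXPOSED_BODY = (
    '{"positiveMatches":{'
    '"AuditAutoConfiguration#auditListener":[{"condition":"OnBeanCondition"}],'
    '"EndpointAutoConfiguration#beansEndpoint":[{"condition":"OnBeanCondition"}]},'
    '"negativeMatches":{}}'
)
LOGIN_PAGE = '<html><form action="/login"><input name="username"></form></html>'

def demo() -> dict:
    """Exposed report, disabled endpoint, partial 200 body, and a redirect to
    login: only the first should trigger the module's 'Report vulnerability'."""
    return {
        "exposed": exposed_paths({"/actuator/autoconfig": HttpResponse(200, EXPOSED_BODY)}),
        "disabled": exposed_paths({"/autoconfig": HttpResponse(404, '{"status":404}'),
                                   "/actuator/autoconfig": HttpResponse(404, "")}),
        "partial_200": exposed_paths({"/autoconfig": HttpResponse(200, '{"positiveMatches":{}}')}),
        "login_redirect": exposed_paths({"/autoconfig": HttpResponse(302, LOGIN_PAGE)}),
    }
```

The "partial_200" and "login_redirect" cases show why both the word list and the status condition are needed: a 200 error page or a login redirect mentioning one keyword must not be reported. On Spring Boot 2.x the remediation is to keep this endpoint out of `management.endpoints.web.exposure.include` or to require authentication for the Actuator paths.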

Module preview

Concurrent Requests (1)

1. HTTP Request template
   GET /autoconfig
   GET /actuator/autoconfig

   Matching conditions
   word: positiveMatches, AuditAutoConfiguration#... and
   status: 200

Passive global matcher
No matching conditions.

On match action
Report vulnerability