
Detect Springboot Dump Actuator

By kannthu

Low
Vidoc Module
#springboot #exposure
Description

What is the "Detect Springboot Dump Actuator" module?

The "Detect Springboot Dump Actuator" module is designed to detect the presence of a misconfiguration in a Spring Boot application. It specifically targets the exposure of sensitive information through the "/dump" and "/actuator/dump" endpoints. This module has a severity level of low.

Impact

If the misconfiguration is present and the thread dump is exposed, the leaked information can potentially lead to unauthorized access and compromise of the application's data.

How does the module work?

The "Detect Springboot Dump Actuator" module works by sending HTTP requests to the "/dump" and "/actuator/dump" endpoints of the targeted Spring Boot application. It then applies matching conditions to determine if the sensitive information is being exposed.

One example of a matching condition is checking the response body for specific keywords such as "threadName", "threadId", "waitedTime", "lockName", "stackTrace", and "methodName". Additionally, it verifies that the HTTP response status is 200.

If both matching conditions are met, the module reports a vulnerability, indicating that the sensitive information is being exposed through the actuator endpoints.
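The two matching conditions above, reproduced as an offline check you can run against responses from your own Spring Boot instances. This is an added example, not the module's own code: the response bodies are constructed samples, and it assumes the word matcher requires every keyword to be present (an AND condition, as the preview's "and" suggests).

```python
"""Offline reproduction of the module's matching logic (added example)."""
import json
from typing import Dict, List, Tuple

# Paths the module probes and the keywords it looks for in the body.
DUMP_PATHS = ["/dump", "/actuator/dump"]
REQUIRED_WORDS = ["threadName", "threadId", "waitedTime",
                  "lockName", "stackTrace", "methodName"]


def matches_dump_exposure(status: int, body: str) -> bool:
    """Return True only when status is 200 AND every keyword is in the body.

    Requiring both conditions keeps a 200 "soft 404" page, which carries
    none of the thread-dump field names, from being reported.
    """
    if status != 200:
        return False
    return all(word in body for word in REQUIRED_WORDS)  # assumed AND


def scan(responses: Dict[str, Tuple[int, str]]) -> List[str]:
    """Apply the matcher to each probed path; return the paths that match."""
    return [path for path in DUMP_PATHS
            if path in responses and matches_dump_exposure(*responses[path])]


# Constructed sample responses (not captured from any real host).
THREAD_DUMP = json.dumps([{
    "threadName": "http-nio-8080-exec-1", "threadId": 42,
    "blockedTime": -1, "waitedTime": -1, "lockName": None,
    "stackTrace": [{"methodName": "park", "className": "sun.misc.Unsafe"}],
}])
SOFT_404_HTML = "<html><body>Not found</body></html>"  # 200 but no keywords
NOT_FOUND_JSON = '{"status":404,"error":"Not Found","path":"/dump"}'

SAMPLE_RESPONSES = {
    "/dump": (404, NOT_FOUND_JSON),          # Boot 2.x moved the endpoint
    "/actuator/dump": (200, THREAD_DUMP),    # exposed thread dump
}

if __name__ == "__main__":
    print("exposed at:", scan(SAMPLE_RESPONSES))  # ['/actuator/dump']
```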

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /dump
GET /actuator/dump
Matching conditions
word: threadName, threadId, waitedTime, lockNa...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability