By kannthu
The "Detect Springboot Env Actuator" module is designed to detect misconfigurations in Spring Boot applications. It specifically targets the Spring Boot Actuator endpoint "/env" and its variations. This module has a low severity level and was authored by that_juan_, dwisiswant0, wdahlenb, philippedelteil, and stupidfish.
This module aims to identify sensitive environment variables that may not be properly masked in Spring Boot applications. By detecting these misconfigurations, it helps prevent potential security vulnerabilities and data leaks.
The "Detect Springboot Env Actuator" module works by sending HTTP requests to the targeted Spring Boot Actuator endpoints, such as "/env" and "/actuator/env". It then applies matching conditions to analyze the responses and determine if any sensitive information is exposed.
Here is an example of an HTTP request sent by this module:
GET /env
The module uses various matching conditions to identify misconfigurations:
- The response body is checked for the presence of specific words, such as "applicationConfig" and "activeProfiles".
- The response body is also checked for the presence of words related to server ports, such as "server.port" and "local.server.port".
- The response headers are checked for specific content types, including "application/json", "application/vnd.spring-boot.actuator", "application/vnd.spring-boot.actuator.v1+json", and "application/vnd.spring-boot.actuator.v2+json".
- The HTTP response status code is checked to ensure it is 200 (OK).

By combining these matching conditions, the module can accurately detect misconfigurations in Spring Boot applications related to the Actuator endpoint.
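The matching conditions above, applied offline to responses captured from your own services, as an added example that is not the module's own code. It assumes the words inside one condition are alternatives and that all four conditions must hold, which the page does not state; the function name and the sample responses are constructed for illustration.

```python
# Added example: evaluate a captured HTTP response against the four matching
# conditions listed above. Assumption: words within a group are alternatives
# (OR) and every group must match (AND); the page does not say how they combine.
BODY_MARKERS = ("applicationConfig", "activeProfiles")
PORT_MARKERS = ("server.port", "local.server.port")
CONTENT_TYPES = (
    "application/json",
    "application/vnd.spring-boot.actuator",
    "application/vnd.spring-boot.actuator.v1+json",
    "application/vnd.spring-boot.actuator.v2+json",
)

def evaluate_env_response(status, headers, body):
    """Return per-condition results plus an overall 'exposed' verdict."""
    content_type = ""
    for name, value in headers.items():
        if name.lower() == "content-type":  # header names are case-insensitive
            content_type = value.lower()
    results = {
        "body_markers": any(w in body for w in BODY_MARKERS),
        "port_markers": any(w in body for w in PORT_MARKERS),
        # Substring match so parameters such as ";charset=UTF-8" do not matter.
        "content_type": any(ct in content_type for ct in CONTENT_TYPES),
        "status_200": status == 200,
    }
    results["exposed"] = all(results.values())
    return results

# Constructed sample responses (not taken from any real host).
SAMPLES = {
    "exposed": (200,
                {"Content-Type": "application/vnd.spring-boot.actuator.v2+json;charset=UTF-8"},
                '{"activeProfiles":["prod"],"propertySources":[{"name":"server.ports",'
                '"properties":{"local.server.port":{"value":8080}}}]}'),
    "secured": (401, {"Content-Type": "application/json"}, '{"error":"Unauthorized"}'),
    # A 200 HTML page that merely mentions the keywords must not be flagged.
    "docs_page": (200, {"content-type": "text/html"},
                  "<html>Set server.port and activeProfiles in application.yml</html>"),
}

if __name__ == "__main__":
    for label, (status, headers, body) in SAMPLES.items():
        verdict = evaluate_env_response(status, headers, body)
        failed = [k for k, v in verdict.items() if not v and k != "exposed"]
        print(f"{label:10} exposed={verdict['exposed']} failed_conditions={failed}")
```

The `docs_page` sample shows why the content-type and status conditions are combined with the keyword checks: a page that only mentions the words is not reported.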