Detect Springboot metrics Actuator

By kannthu

Severity: Low
Vidoc Module
Tags: #springboot #exposure
Description

What is the "Detect Springboot metrics Actuator" module?

The "Detect Springboot metrics Actuator" module detects Spring Boot applications whose Actuator metrics endpoint is reachable without authentication. It requests the metrics endpoint directly and checks the response for the metric names that Spring Boot returns there; a hit means runtime details of the JVM and host are being disclosed to anyone who can reach the application. The module has a low severity rating; the detection logic is credited to pussycat0x.

Impact

An exposed metrics endpoint discloses runtime details of the application and its host: total and free memory (mem, mem.free), heap and non-heap sizes (heap.committed, nonheap.init and related values), processor count, instance uptime, and the system load average. On its own this is an information disclosure, which is why the severity is low: the values help an attacker fingerprint the deployment and size a resource-exhaustion attempt, but they do not by themselves give access. In practice, though, a reachable metrics endpoint is usually a symptom of Actuator being exposed without authentication, so the same misconfiguration may expose more sensitive actuator endpoints, which are worth checking once this module fires.

How does the module work?

The "Detect Springboot metrics Actuator" module sends HTTP GET requests to the "/metrics" and "/actuator/metrics" paths of the target Spring Boot application. A response is considered a match only when the status is 200 (OK) and the body contains every one of the keywords "mem", "mem.free", "processors", "instance.uptime", "systemload.average", "nonheap.init" and "heap.committed" (the word matcher uses an AND condition, and it matches substrings rather than whole words, so the longer, more specific names are what make the check reliable). These are the metric names emitted by the Spring Boot 1.x "/metrics" endpoint, which returns a flat JSON object of name/value pairs. The Spring Boot 2.x "/actuator/metrics" endpoint instead returns a "names" list of Micrometer metric names (for example "jvm.memory.used" or "process.uptime"), which does not contain this keyword set, so an exposed 2.x endpoint will not be reported by this module even though the path is probed.

For example, the module sends a GET request to "/metrics" and expects a 200 response whose body contains all of the listed keywords. If both conditions hold, the module reports the exposed endpoint as a finding.

By checking the metrics endpoint in this way, the module identifies Spring Boot applications whose Actuator metrics are exposed to unauthenticated callers, a misconfiguration that leaks internal runtime details.
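The probe-and-match logic described above, as an added example that is not part of the Vidoc module or of this page: a small Python reimplementation that probes the two paths, applies the status and AND-keyword conditions, and extracts the leaked figures for a report. It runs offline against two constructed responses, one shaped like a Spring Boot 1.x "/metrics" body and one like a Spring Boot 2.x "/actuator/metrics" body; the base URL, the fetch callbacks and every metric value are made up for the example.

```python
import json
from dataclasses import dataclass
from typing import Callable, Optional

# Paths the module probes (both listed on the page).
PROBE_PATHS = ("/metrics", "/actuator/metrics")

# Keywords the module's word matcher requires. With condition "and", every one
# must appear in the body. Matching is plain substring, so "mem" alone would
# also hit "memory"; the longer Spring Boot 1.x names are what make it reliable.
REQUIRED_WORDS = ("mem", "mem.free", "processors", "instance.uptime",
                  "systemload.average", "nonheap.init", "heap.committed")


@dataclass
class Response:
    status: int
    body: str


def matches(resp: Response) -> bool:
    """Replicates the module's matching conditions: HTTP 200 AND all keywords present."""
    return resp.status == 200 and all(w in resp.body for w in REQUIRED_WORDS)


def scan(base_url: str, fetch: Callable[[str], Optional[Response]]) -> list:
    """Probe each path and return the URLs whose response satisfies the matcher.

    `fetch` is injected so the logic can be exercised offline; in a real run it
    would wrap an HTTP client call such as requests.get().
    """
    hits = []
    for path in PROBE_PATHS:
        url = base_url.rstrip("/") + path
        resp = fetch(url)
        if resp is not None and matches(resp):
            hits.append(url)
    return hits


# Fields worth quoting in a finding once the endpoint is confirmed exposed.
INTERESTING = ("mem", "mem.free", "processors", "instance.uptime",
               "systemload.average", "heap.committed", "nonheap.init")


def leaked_details(body: str) -> dict:
    """Pull the runtime figures the exposed endpoint leaks, for the report."""
    try:
        data = json.loads(body)
    except ValueError:
        return {}
    return {k: data[k] for k in INTERESTING if k in data}


# --- Constructed sample responses (made up, not captured from a real host) ---

# Spring Boot 1.x style /metrics body: flat JSON of name/value pairs.
BOOT1_METRICS = json.dumps({
    "mem": 262144, "mem.free": 147264, "processors": 4,
    "instance.uptime": 19893, "uptime": 34219, "systemload.average": 0.52,
    "heap.committed": 222720, "heap.init": 131072, "heap.used": 75456,
    "nonheap.committed": 40192, "nonheap.init": 2496, "nonheap.used": 39392,
    "threads": 22, "classes.loaded": 6200,
})

# Spring Boot 2.x style /actuator/metrics body: only a list of Micrometer names.
BOOT2_METRICS = json.dumps({"names": [
    "jvm.memory.used", "jvm.memory.committed", "process.uptime",
    "system.cpu.count", "system.load.average.1m", "http.server.requests",
]})


def fake_boot1(url: str) -> Optional[Response]:
    """Hypothetical 1.x app: the old /metrics path is exposed, /actuator/metrics is not."""
    if url.endswith("/metrics") and "/actuator/" not in url:
        return Response(200, BOOT1_METRICS)
    return Response(404, "")


def fake_boot2(url: str) -> Optional[Response]:
    """Hypothetical 2.x app: /actuator/metrics is exposed but uses Micrometer names."""
    if url.endswith("/actuator/metrics"):
        return Response(200, BOOT2_METRICS)
    return Response(404, "")


if __name__ == "__main__":
    for label, fetch in (("boot1", fake_boot1), ("boot2", fake_boot2)):
        hits = scan("https://target.example", fetch)
        print(label, "hits:", hits)
        for url in hits:
            print("  leaked:", leaked_details(fetch(url).body))
```

Run against the 1.x-shaped responder, scan() reports "/metrics" and leaked_details() returns the memory, processor, uptime and load figures that would go into the finding. Against the 2.x-shaped responder it reports nothing, even though the endpoint is just as exposed: "mem" matches inside "jvm.memory.used", but "mem.free", "instance.uptime" and the other 1.x names are absent, so the AND condition fails. That is the blind spot to keep in mind when triaging a clean result from this module. On the remediation side, Spring Boot 1.x treats metrics as a sensitive endpoint (endpoints.metrics.sensitive=true) and protects it when Spring Security is present and management.security.enabled is left at its default of true; in 2.x, restrict management.endpoints.web.exposure.include to what is actually needed and put the actuator paths behind authentication.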

Module preview

Concurrent Requests (1)
1. HTTP Request template
   GET /metrics
   GET /actuator/metrics
Matching conditions
   word: mem, mem.free, processors, instance.upti... (condition: and)
   status: 200
Passive global matcher
   No matching conditions.
On match action
   Report vulnerability