Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Detect Springboot Trace Actuator

By kannthu

Low
Vidoc logoVidoc Module
#misconfig#springboot#exposure
Description

What is the "Detect Springboot Trace Actuator?" module?

The "Detect Springboot Trace Actuator" module is designed to detect potential misconfigurations in Spring Boot applications. It specifically targets the Spring Boot Trace Actuator, which is a feature that allows developers to view recent HTTP requests and responses. This module helps identify instances where the Trace Actuator is exposed to unauthorized access, potentially leading to information leakage.

This module has a severity level of low, indicating that the detected vulnerability may have limited impact but should still be addressed to ensure the security of the application.

The original authors of this module are that_juan_, dwisiswant0, and wdahlenb.

Impact

If the Spring Boot Trace Actuator is misconfigured and exposed, it can provide unauthorized users with access to sensitive information about recent HTTP requests and responses. This can potentially lead to the exposure of sensitive data, such as user credentials or other confidential information.

How does the module work?

The "Detect Springboot Trace Actuator" module works by sending HTTP requests to the target application and analyzing the responses based on specific matching conditions. It checks for the presence of certain keywords in the response body, such as "timestamp," "info," "method," and "path." Additionally, it verifies that the response headers contain specific content types related to the Spring Boot Actuator.

Here is an example of an HTTP request that the module may send:

GET /trace

The module then evaluates the response based on the defined matching conditions:

- The response body must contain all the specified keywords. - The response headers must include one of the following content types: "application/json," "application/vnd.spring-boot.actuator," or "application/vnd.spring-boot.actuator.v1+json." - The response status code must be 200.

If all the matching conditions are met, the module will report a potential misconfiguration in the Spring Boot Trace Actuator.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/trace
Matching conditions
word: "timestamp", "info", "method", "path"and
word: application/json, application/vnd.spring...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability