Detects Springboot Features Actuator

By kannthu

Low
Vidoc Module
#misconfig #springboot #exposure
Description

What is the "Detects Springboot Features Actuator?" module?

The "Detects Springboot Features Actuator" module is designed to detect misconfigurations in Springboot applications. It specifically targets the Springboot Actuator feature, which provides endpoints for monitoring and managing the application. This module has a low severity level and was authored by DhiyaneshDK.

Impact

This module helps identify potential misconfigurations in the Springboot Actuator feature. Misconfigurations in this area can lead to unauthorized access or exposure of sensitive information, posing a security risk to the application.

How does the module work?

The module works by sending HTTP requests to the endpoints that expose the Springboot Actuator "features" listing. It then applies matching conditions to the response to determine whether the listing is reachable. All of the following conditions must hold:

- The response body contains both keywords "enabled":[ and "disabled":[, which mark the lists of enabled and disabled features returned by the endpoint.
- The response headers contain one of the content types "application/json", "application/vnd.spring-boot.actuator", or "application/vnd.spring-boot.actuator.v1+json".
- The HTTP response status is 200.

By analyzing these conditions, the module can identify potential misconfigurations in the Springboot Actuator feature.
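As an added example, not Vidoc's or the module author's code, the script below reproduces the three matching conditions in Python and runs them over constructed raw HTTP responses. It assumes, following the "and" shown in the module preview, that both body keywords must be present, while any one of the three content types satisfies the header condition; the sample responses are made up for the demonstration and were not captured from a real host.

```python
# Added example (not Vidoc's or the module author's code): reproduce the
# module's three matching conditions over constructed raw HTTP responses.
# Assumption: both body markers must be present (the "and" shown in the
# module preview); the three content types are alternatives (any one matches).
from dataclasses import dataclass
from typing import Dict

BODY_MARKERS = ('"enabled":[', '"disabled":[')
ACTUATOR_CONTENT_TYPES = (
    "application/json",
    "application/vnd.spring-boot.actuator",
    "application/vnd.spring-boot.actuator.v1+json",
)


@dataclass
class HttpResponse:
    status: int
    headers: Dict[str, str]  # header names are lower-cased by the parser
    body: str


def parse_raw_response(raw: str) -> HttpResponse:
    """Split a raw HTTP/1.1 response into status code, headers and body."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status = int(lines[0].split(" ", 2)[1])
    headers: Dict[str, str] = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return HttpResponse(status, headers, body)


def matches_features_actuator(resp: HttpResponse) -> bool:
    """True only when all three module conditions hold (matchers joined with AND)."""
    body_ok = all(marker in resp.body for marker in BODY_MARKERS)
    # The header matcher looks for the content-type strings anywhere in the
    # header block, so a suffix such as ";charset=UTF-8" still matches.
    header_block = "\r\n".join(f"{k}: {v}" for k, v in resp.headers.items())
    header_ok = any(ct in header_block for ct in ACTUATOR_CONTENT_TYPES)
    return resp.status == 200 and body_ok and header_ok


# Constructed sample responses (not captured from a real host).
SAMPLE_RESPONSES = {
    # Features listing served with the actuator content type: a finding.
    "exposed": (
        "HTTP/1.1 200 OK\r\n"
        "Content-Type: application/vnd.spring-boot.actuator.v1+json;charset=UTF-8\r\n"
        "\r\n"
        '{"enabled":[{"type":"org.example.Feature","name":"demo"}],"disabled":[]}'
    ),
    # Ordinary JSON endpoint: content type matches but the body markers are absent.
    "plain_json": (
        "HTTP/1.1 200 OK\r\n"
        "Content-Type: application/json\r\n"
        "\r\n"
        '{"status":"UP"}'
    ),
    # Matching body and content type but a non-200 status: status condition fails.
    "not_found": (
        "HTTP/1.1 404 Not Found\r\n"
        "Content-Type: application/vnd.spring-boot.actuator\r\n"
        "\r\n"
        '{"enabled":[],"disabled":[]}'
    ),
    # Right status and body, but served as HTML: header condition fails.
    "wrong_type": (
        "HTTP/1.1 200 OK\r\n"
        "Content-Type: text/html\r\n"
        "\r\n"
        '<pre>{"enabled":[],"disabled":[]}</pre>'
    ),
}


def scan_samples() -> Dict[str, bool]:
    """Apply the matcher to each constructed sample; True means 'report'."""
    return {name: matches_features_actuator(parse_raw_response(raw))
            for name, raw in SAMPLE_RESPONSES.items()}


if __name__ == "__main__":
    for name, hit in scan_samples().items():
        print(f"{name:<11} -> {'REPORT' if hit else 'no match'}")
```

Only the first sample produces a report; the other three each fail exactly one of the conditions, which is why the module joins its matchers with AND rather than reporting on a content type or a 200 status alone. From the defensive side, a hit means the features listing is readable without authentication; in Spring Boot 2 and later the actuator exposes only a small default set of endpoints over HTTP, and the management.endpoints.web.exposure.include property controls which others are reachable, so the fix is to limit that list and put the management port or path behind authentication.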

Example HTTP request:

GET /features HTTP/1.1
Host: example.com

Note: The above example is a simplified representation of the HTTP request and does not include all the headers and parameters that may be present in the actual request.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /features
GET /actuator/features
Matching conditions
word: "enabled":[, "disabled":[ and
word: application/json, application/vnd.spring... and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability