By kannthu
The "Detects Springboot Logfile Actuator" module identifies Spring Boot applications whose logfile actuator is exposed or misconfigured. Spring Boot is a popular Java framework used for building web applications. The severity of this module is classified as low, indicating that the identified issues may have limited impact.
This module was authored by DhiyaneshDK.
The impact is primarily the potential exposure of sensitive information through the logfile actuator. If it is misconfigured, an attacker may gain unauthorized access to log files, which could contain sensitive data such as user credentials or system information. This module aims to identify such misconfigurations and raise awareness of the potential risks.
The module operates by sending HTTP requests to specific endpoints commonly associated with the logfile actuator in Spring Boot applications. It then applies a set of matching conditions to determine whether the application exhibits signs of misconfiguration or exposure.
The module sends GET requests to the following paths:
/logfile
/actuator/logfile
/actuators/logfile
The module applies the following matching conditions:
- The response body must contain the words "springframework.web.HttpRequestMethodNotSupportedException" and "INFO".
- The response header must include the word "text/plain".
- The HTTP response status code must be 200.

By evaluating these conditions, the module determines whether the logfile actuator is misconfigured or exposed in the Spring Boot application.
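The three conditions above, evaluated offline against constructed responses. This is an added example, not the module's own code. It assumes case-sensitive substring matching with all conditions ANDed, and it includes a case where an exposed log is missed because the exception string was never logged, so a non-match alone does not show the endpoint is protected.

```python
# Added example: offline evaluation of the module's three matching conditions.
# Assumptions: substring matching is case-sensitive, all conditions are ANDed,
# and every response below is constructed sample data.
BODY_WORDS = ("springframework.web.HttpRequestMethodNotSupportedException", "INFO")
HEADER_WORD = "text/plain"


def evaluate(status, headers, body):
    """Return each condition's result plus the overall verdict."""
    header_blob = "\n".join(f"{k}: {v}" for k, v in headers.items())
    checks = {
        "status_200": status == 200,
        "header_text_plain": HEADER_WORD in header_blob,
        "body_words": all(word in body for word in BODY_WORDS),
    }
    checks["match"] = all(checks.values())
    return checks


# Constructed log excerpts in the usual Spring Boot console layout.
LOG_WITH_EXCEPTION = (
    "2024-01-01 10:00:00.000  INFO 1 --- [main] c.e.DemoApplication : Started DemoApplication\n"
    "2024-01-01 10:05:00.000  WARN 1 --- [nio-8080-exec-1] .w.s.m.s.DefaultHandlerExceptionResolver : "
    "Resolved [org.springframework.web.HttpRequestMethodNotSupportedException: "
    "Request method 'POST' not supported]\n"
)
LOG_WITHOUT_EXCEPTION = (
    "2024-01-01 10:00:00.000  INFO 1 --- [main] c.e.DemoApplication : Started DemoApplication\n"
)
PLAIN = {"Content-Type": "text/plain;charset=UTF-8"}

SAMPLES = {
    "exposed log": (200, PLAIN, LOG_WITH_EXCEPTION),
    "exposed log, exception never logged": (200, PLAIN, LOG_WITHOUT_EXCEPTION),
    "endpoint requires auth": (401, {"Content-Type": "application/json"}, '{"error":"Unauthorized"}'),
    "HTML catch-all page": (200, {"Content-Type": "text/html"}, "<html>INFO page</html>"),
}


def scan_samples():
    """Evaluate every constructed sample and return name -> per-condition results."""
    return {name: evaluate(*response) for name, response in SAMPLES.items()}


if __name__ == "__main__":
    for name, result in scan_samples().items():
        print(f"{name:38} {result}")
```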