Druid Monitor Unauthorized Access

What is the "Druid Monitor Unauthorized Access?" module?

The "Druid Monitor Unauthorized Access" module is a test case designed to detect unauthorized access vulnerabilities in the Druid monitoring software. It is a high severity module that aims to identify potential security risks related to misconfigurations or vulnerabilities in the software.

This module was authored by ohlinge.

Impact

If the "Druid Monitor Unauthorized Access" module detects unauthorized access, it indicates that the target Druid monitoring software may be vulnerable to unauthorized access by unauthorized users. This could potentially lead to unauthorized data access, manipulation, or other security breaches.

How does the module work?

The "Druid Monitor Unauthorized Access" module works by sending an HTTP GET request to the "/druid/index.html" path of the target Druid monitoring software. It then applies matching conditions to determine if unauthorized access is possible.

The matching conditions for this module are as follows:

- The response body must contain the phrase "Druid Stat Index</title>" - The response status code must be 200

If both matching conditions are met, the module will report a vulnerability related to unauthorized access in the target Druid monitoring software.