Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Jaeger UI

By kannthu

Low
Vidoc logoVidoc Module
#misconfig
Description

What is the "Jaeger UI" module?

The "Jaeger UI" module is designed to detect misconfigurations in the Jaeger UI software. It is a low severity module created by dhiyaneshDK. The module is used as a test case in the Vidoc platform to scan for potential vulnerabilities.

Impact

This module helps identify misconfigurations in the Jaeger UI software, which can potentially lead to security vulnerabilities. By detecting these misconfigurations, users can take appropriate actions to secure their Jaeger UI installations and prevent potential attacks.

How does the module work?

The "Jaeger UI" module works by sending an HTTP GET request to the "/search" path of the target Jaeger UI instance. It then applies matching conditions to determine if the response indicates a misconfiguration. The matching conditions include checking if the response contains the "" string and if the response status is 200.

Here is an example of the HTTP request sent by the module:

GET /search

The module matches the response against the following conditions:

- The response must contain the "<title>Jaeger UI</title>" string. - The response status must be 200.

If both conditions are met, the module identifies a potential misconfiguration in the Jaeger UI software.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/search
Matching conditions
word: <title>Jaeger UI</title>and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability