Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Jeecg Boot Swagger Bootstrap UI - Detect

By kannthu

Informative
Vidoc logoVidoc Module
#jeecg#swagger#detect#exposure
Description

What is the "Jeecg Boot Swagger Bootstrap UI - Detect?" module?

The "Jeecg Boot Swagger Bootstrap UI - Detect" module is designed to detect the presence of the Swagger-Bootstrap-UI in the Jeecg Boot software. Jeecg Boot is an enterprise-level low-code platform. This module focuses on identifying potential misconfigurations or vulnerabilities related to the Swagger-Bootstrap-UI component.

This module has an informative severity level, which means it provides valuable information but does not indicate an immediate security threat.

Author: ritikchaddha

Impact

This module aims to identify any potential misconfigurations or vulnerabilities related to the Swagger-Bootstrap-UI component in Jeecg Boot. The impact of these misconfigurations or vulnerabilities can vary depending on the specific findings, but they could potentially expose sensitive information or lead to unauthorized access.

How does the module work?

The module works by sending an HTTP GET request to the "/jeecg-boot/" path and analyzing the response body. It looks for the presence of the "" string in the response body. If this string is found, it indicates that the Swagger-Bootstrap-UI component is being used in Jeecg Boot.

The matching condition for this module is based on a word matcher that searches for the specified string in the response body. The condition is set to "and," meaning that all matchers must be satisfied for the module to consider the detection successful.

Example HTTP request:

GET /jeecg-boot/ HTTP/1.1
Host: [target_host]

Note: Replace "[target_host]" with the actual target host.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/jeecg-boot/
Matching conditions
word: <title>Swagger-Bootstrap-UI</title>
Passive global matcher
No matching conditions.
On match action
Report vulnerability