JFrog Unauthentication Builds

By kannthu
Severity: Medium
Vidoc Module
#jfrog

Description

What is the "JFrog Unauthentication Builds" module?

The "JFrog Unauthentication Builds" module is designed to detect misconfigurations in JFrog software. It targets instances where builds are exposed without proper authentication, which can pose a security risk. This module has a medium severity level and was authored by dhiyaneshDK.

Impact

If the JFrog Unauthentication Builds module detects a misconfiguration, it indicates that unauthorized users may have access to sensitive build information. This can potentially lead to unauthorized modifications, data leaks, or other security breaches.

How does the module work?

The JFrog Unauthentication Builds module works by sending an HTTP POST request to the JFrog instance's global search endpoint (/ui/api/v1/global-search/builds). The request carries no credentials and asks for the most recent builds, as shown in the example below. The module then checks the response against a fixed set of conditions to decide whether a misconfiguration is present.

Example HTTP request:

POST /ui/api/v1/global-search/builds?jfLoader=true HTTP/1.1
Host: <Hostname>
Content-Type: application/json

{
  "name":"",
  "before":"",
  "after":"",
  "direction":"desc",
  "order_by":"date",
  "num_of_rows":100
}

The module uses the following matching conditions:

- The response body must contain the words "last_build_number" and "build_name".
- The response headers must contain the word "application/json".
- The response status code must be 200.

By analyzing these conditions, the module determines if the JFrog instance has a misconfiguration that exposes builds without proper authentication.
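The probe and its three matching conditions, as an added Python example that is not the Vidoc module's or JFrog's own code, written so an Artifactory operator can confirm that the endpoint refuses anonymous callers after it has been locked down. The endpoint, request body and matcher words come from the page; the helper names and the sample responses are constructed for illustration.

```python
"""Self-check for the JFrog unauthenticated build-search exposure.
Added example: reproduces the module's probe and matchers so an Artifactory
operator can confirm the endpoint now demands credentials. Endpoint, body and
matcher words are from the page; helper names and samples are constructed."""
import json
import urllib.error
import urllib.request

SEARCH_PATH = "/ui/api/v1/global-search/builds?jfLoader=true"
SEARCH_BODY = {"name": "", "before": "", "after": "",
               "direction": "desc", "order_by": "date", "num_of_rows": 100}
BODY_WORDS = ("last_build_number", "build_name")

def build_request(base_url: str) -> urllib.request.Request:
    """Build the unauthenticated POST exactly as the module sends it."""
    return urllib.request.Request(
        base_url.rstrip("/") + SEARCH_PATH,
        data=json.dumps(SEARCH_BODY).encode(),
        headers={"Content-Type": "application/json"},
        method="POST",
    )

def is_exposed(status: int, headers: dict, body: str) -> bool:
    """Apply the module's three matchers; all of them must hold."""
    content_type = next(
        (v for k, v in headers.items() if k.lower() == "content-type"), "")
    return (status == 200
            and "application/json" in content_type
            and all(word in body for word in BODY_WORDS))

def check_instance(base_url: str, timeout: float = 10.0) -> bool:
    """Send the probe with no credentials; True means builds are exposed."""
    try:
        with urllib.request.urlopen(build_request(base_url), timeout=timeout) as resp:
            body = resp.read().decode("utf-8", "replace")
            return is_exposed(resp.status, dict(resp.headers), body)
    except urllib.error.HTTPError:
        # 401/403 is the hardened state: the endpoint refused the anonymous call.
        return False

# Constructed sample responses (not captured from a real instance).
EXPOSED = (200, {"Content-Type": "application/json;charset=utf-8"},
           '{"results":[{"build_name":"web","last_build_number":"42"}]}')
HARDENED = (401, {"Content-Type": "application/json"},
            '{"errors":[{"status":401,"message":"Unauthorized"}]}')

if __name__ == "__main__":
    print("exposed sample ->", is_exposed(*EXPOSED))    # True
    print("hardened sample ->", is_exposed(*HARDENED))  # False
```

A hardened instance answers the anonymous probe with 401 or 403, so check_instance returns False; a 200 with a JSON body that names builds is the finding the module reports.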

For more information, you can refer to the JFrog Unauthentication Builds signature in the jaeles-project GitHub repository.

Metadata: max-request: 1

Module preview

Concurrent requests (1)
1. HTTP Request template
   Raw request: as shown above
   Matching conditions (all must hold):
   - word: last_build_number, build_name
   - word: application/json
   - status: 200
Passive global matcher
   No matching conditions.
On match action
   Report vulnerability