Jolokia - Information disclosure

By kannthu

Medium
Vidoc Module
#jolokia #springboot #mbean #tomcat
Description

What is "Jolokia - Information disclosure"?

The "Jolokia - Information disclosure" module is designed to detect information disclosure vulnerabilities in applications that use the Jolokia library. Jolokia is a JMX-HTTP bridge that allows remote access to JMX MBeans over HTTP. This module specifically targets applications built with Spring Boot and Tomcat.

This vulnerability can have a high severity level as it can expose sensitive information about the application's implementation, such as the implementation name, vendor, version, and specification details. This information can be exploited by attackers to gain insights into the application's architecture and potentially identify vulnerabilities or weaknesses.

Impact

An information disclosure vulnerability can have serious consequences for an application's security. By revealing implementation details, attackers can gain valuable insights into the application's inner workings, potentially leading to further exploitation or targeted attacks. It is crucial to address and mitigate such vulnerabilities to protect sensitive information and maintain the integrity of the application.

How does the module work?

The "Jolokia - Information disclosure" module works by sending specific HTTP requests to the target application and analyzing the responses for matching conditions. It checks the responses for attributes exposed through Jolokia, such as the implementation name, vendor, version, and specification details.

For example, one of the HTTP requests sent by the module could be:

GET /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName

The module then applies matching conditions to the responses to determine if the information disclosure vulnerability is present. These conditions include checking for specific attribute names, such as "ImplementationVendor", "ImplementationVersion", "ImplementationName", "SpecificationVendor", "MBeanServerId", and "SpecificationName".

If the module detects any matching conditions, it reports the vulnerability, allowing the application owner to take appropriate actions to address the issue and enhance the security of the application.

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /actuator/jolokia/re... /actuator/jolokia/re... /actuator/jolokia/re... (+13 paths)
Matching conditions
word: "mbean":"java.lang:type=Memory" or
word: "attribute":"ImplementationVendor" or
word: "attribute":"ImplementationVersion" or
word: "attribute":"ImplementationName" or
word: "attribute":"SpecificationVendor" or
word: "attribute":"MBeanServerId" or
word: "attribute":"SpecificationName" or
word: "attribute":"SpecificationVersion"
Passive global matcher
No matching conditions.
On match action
Report vulnerability
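
The matching conditions above, applied to saved response bodies from your own services, as an added example (this is not Vidoc's code). The sample bodies are constructed, and the stricter `disclosed` check is an assumption that goes beyond the module's word matching: it shows that the literal matchers miss pretty-printed JSON and also hit error-style responses that return no value.

```python
import json

# Word matchers from the module preview; they are OR-ed, so one hit is enough.
WORDS = ['"mbean":"java.lang:type=Memory"'] + [
    f'"attribute":"{name}"'
    for name in (
        "ImplementationVendor", "ImplementationVersion", "ImplementationName",
        "SpecificationVendor", "MBeanServerId", "SpecificationName",
        "SpecificationVersion",
    )
]

# Constructed sample bodies (not captured from a real system).
OK = ('{"request":{"mbean":"JMImplementation:type=MBeanServerDelegate",'
      '"attribute":"ImplementationName","type":"read"},'
      '"value":"EXAMPLE-JMX","timestamp":0,"status":200}')
PRETTY = json.dumps(json.loads(OK), indent=2)  # same data, pretty-printed
ERROR = ('{"request":{"mbean":"JMImplementation:type=MBeanServerDelegate",'
         '"attribute":"ImplementationName","type":"read"},'
         '"error":"constructed error","status":404}')


def word_match(body):
    """Return every matcher string found verbatim in the response body."""
    return [w for w in WORDS if w in body]


def disclosed(body):
    """Stricter check (assumption, not the module's logic): treat the body as a
    JSON read response and return what was disclosed, or None."""
    try:
        doc = json.loads(body)
    except ValueError:
        return None
    req = doc.get("request") if isinstance(doc, dict) else None
    if not isinstance(req, dict) or doc.get("status") != 200 or "value" not in doc:
        return None
    # Re-serialise compactly so whitespace in the original body does not matter.
    compact = json.dumps(req, separators=(",", ":"))
    if not word_match(compact):
        return None
    return {"mbean": req.get("mbean"), "attribute": req.get("attribute"),
            "value": doc["value"]}


if __name__ == "__main__":
    for name, body in (("OK", OK), ("PRETTY", PRETTY), ("ERROR", ERROR)):
        print(name, word_match(body), disclosed(body))
```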