Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Jolokia - List

By kannthu

Low
Vidoc logoVidoc Module
#jolokia#springboot#tomcat
Description

Jolokia - List

What is the "Jolokia - List" module?

The "Jolokia - List" module is a test case designed to detect misconfigurations or vulnerabilities related to the Jolokia software. Jolokia is a JMX-HTTP bridge that allows remote JMX (Java Management Extensions) clients to interact with JMX-enabled applications. This module focuses on the "/jolokia/list" and "/actuator/jolokia/list" endpoints and checks for specific conditions to determine if there are any potential issues.

This module has a low severity level, indicating that the detected misconfigurations or vulnerabilities may have limited impact or pose a lower risk.

Author: pussycat0x

Impact

The impact of the "Jolokia - List" module depends on the specific misconfiguration or vulnerability detected. It could potentially lead to unauthorized access, information disclosure, or other security risks. It is important to address any identified issues to ensure the security and integrity of the Jolokia-enabled application.

How does the module work?

The "Jolokia - List" module works by sending HTTP requests to the "/jolokia/list" and "/actuator/jolokia/list" endpoints. It then applies matching conditions to determine if the response indicates a misconfiguration or vulnerability.

For example, one of the matching conditions checks if the HTTP response status is 200, indicating a successful request. Additionally, it checks if the response body contains the word "\"type\":\"list\"", which suggests that the Jolokia software is being used in a certain way.

By evaluating these conditions, the module can identify potential issues related to the Jolokia software configuration or usage.

Reference:

- https://thinkloveshare.com/hacking/ssrf_to_rce_with_jolokia_and_mbeans/ - https://github.com/laluka/jolokia-exploitation-toolkit

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET/jolokia/list/actuator/jolokia/li...
Matching conditions
status: 200and
word: "type":"list"
Passive global matcher
No matching conditions.
On match action
Report vulnerability