
Jupyter Lab - Unauthenticated Access

By kannthu

Critical
Vidoc Module
#unauth #jupyter #jupyterlab #misconfig
Description

What is "Jupyter Lab - Unauthenticated Access"?

The "Jupyter Lab - Unauthenticated Access" module detects a misconfiguration in JupyterLab, the web-based interactive development environment for Jupyter notebooks, code, and data. It identifies instances whose HTTP API answers without requiring any authentication. JupyterLab and the underlying Jupyter Server require a token or password by default; an exposed instance is therefore one where that protection was explicitly disabled (for example by starting the server with an empty token and password) or the instance was bound to a public interface with authentication turned off. The severity of this misconfiguration is classified as critical.

This module was authored by j4vaovo.

Impact

If JupyterLab is accessible without authentication, it poses a significant security risk. JupyterLab exists to run code: anyone who can reach it can start a kernel or a terminal and execute arbitrary commands with the privileges of the user running the server, read and modify every file that user can reach (notebooks, datasets, credentials and cloud tokens in the home directory), and use the host as a pivot into the surrounding network. In practice, unauthenticated JupyterLab is remote code execution, which is why the module rates it critical.

How does the module work?

The "Jupyter Lab - Unauthenticated Access" module sends a single HTTP GET request to the "/lab/api/settings/" endpoint of the target JupyterLab instance, without any cookie or token. This endpoint returns the JSON settings registry (a list of extension settings, each with an "id", a "schema" and a "raw" value) and is only served to authenticated sessions; an instance that requires a token or password redirects the request to its login page or rejects it instead of returning that JSON with a 200. The module then applies a set of matching conditions to the response to determine whether the misconfiguration is present.

The matching conditions for this module are as follows:

- The response body must contain the words "\"id\":", "\"settings\"", and "\"schema\":".
- The response headers must include the word "application/json".
- The HTTP status code must be 200.

If all of these conditions are met, the module identifies the presence of unauthenticated access to JupyterLab.

Here is an example of the HTTP request sent by the module:

GET /lab/api/settings/ HTTP/1.1
Host: [target_host]

Note: Replace "[target_host]" with the actual hostname or IP address of the target JupyterLab instance.
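The following script is an added example, not Vidoc's module code: it re-implements the check described above (one unauthenticated GET to /lab/api/settings/, then the three AND-ed matching conditions) in stdlib Python, and evaluates the matcher against constructed sample responses so the logic can be verified offline. The sample JSON body, the redirect target and the login page HTML are made up for the example and were not captured from a real host; the `fetch` helper and the `Response` class are names introduced here. Redirects are deliberately not followed, because an authenticated instance answers with a redirect to its login page, and following it to a 200 HTML page would be the one place a naive scanner could confuse itself.

```python
"""Standalone re-implementation of the Jupyter Lab unauthenticated-access check.

Added example; not the Vidoc module itself.  Matching conditions are copied
from the module description: body words, a header containing
"application/json", and status 200, all of which must hold.
"""
import json
import sys
import urllib.error
import urllib.request
from dataclasses import dataclass

# Parameters stated on the page.
PATH = "/lab/api/settings/"
BODY_WORDS = ('"id":', '"settings"', '"schema":')
HEADER_WORD = "application/json"
EXPECTED_STATUS = 200


@dataclass
class Response:
    """Minimal response container (hypothetical helper type for this example)."""
    status: int
    headers: dict  # header names lower-cased
    body: str


def matches(resp: Response) -> bool:
    """Apply the module's three conditions; they are AND-ed together."""
    body_ok = all(word in resp.body for word in BODY_WORDS)
    # The module looks for the word in the response headers as a whole,
    # so check every header value rather than only Content-Type.
    header_ok = any(HEADER_WORD in value for value in resp.headers.values())
    return body_ok and header_ok and resp.status == EXPECTED_STATUS


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Turn 3xx answers into HTTPError instead of following them."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def fetch(base_url: str, timeout: float = 10.0) -> Response:
    """Send the module's single GET (no auth, no redirects) and wrap the answer."""
    opener = urllib.request.build_opener(_NoRedirect)
    req = urllib.request.Request(base_url.rstrip("/") + PATH, method="GET")
    try:
        with opener.open(req, timeout=timeout) as r:
            return Response(r.status, {k.lower(): v for k, v in r.headers.items()},
                            r.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as e:  # 3xx/4xx/5xx land here
        return Response(e.code, {k.lower(): v for k, v in e.headers.items()},
                        e.read().decode("utf-8", "replace"))


# Constructed sample responses (not captured from any real instance).
OPEN_INSTANCE = Response(
    200,
    {"content-type": "application/json; charset=UTF-8"},
    json.dumps({"settings": [{"id": "@jupyterlab/apputils-extension:themes",
                              "schema": {"type": "object"}, "raw": "{}"}]}),
)
LOGIN_REDIRECT = Response(302, {"location": "/login?next=%2Flab%2Fapi%2Fsettings%2F"}, "")
LOGIN_PAGE = Response(200, {"content-type": "text/html; charset=UTF-8"},
                      "<html><body><form action='/login'>token</form></body></html>")
# JSON from some unrelated API: 200 + JSON but no "schema" key, so no match.
OTHER_JSON = Response(200, {"content-type": "application/json"}, '{"id": 1, "settings": {}}')


def run_samples() -> dict:
    """Evaluate the matcher on the constructed samples; used for offline checking."""
    return {
        "open_instance": matches(OPEN_INSTANCE),
        "login_redirect": matches(LOGIN_REDIRECT),
        "login_page": matches(LOGIN_PAGE),
        "other_json": matches(OTHER_JSON),
    }


if __name__ == "__main__":
    if len(sys.argv) == 2:
        target = sys.argv[1]  # e.g. http://10.0.0.5:8888 (your own lab host)
        resp = fetch(target)
        verdict = "VULNERABLE (unauthenticated JupyterLab)" if matches(resp) else "not matched"
        print(f"{target}{PATH} -> {resp.status}: {verdict}")
    else:
        for name, hit in run_samples().items():
            print(f"{name}: {'match' if hit else 'no match'}")
```

Only the open instance sample satisfies all three conditions; the redirect fails on status, the login page fails on body and header, and the unrelated JSON fails on the missing "schema" word. Run it with a base URL against a host you are authorised to test to perform the real request.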

For more information, you can refer to the following reference: https://paper.seebug.org/2058/

Metadata:

- Max request: 1
- Shodan query: http.favicon.hash:45089

Module preview

Concurrent Requests (1)

1. HTTP Request template
   GET /lab/api/settings/

   Matching conditions
   word: "id":, "settings", "schema":  and
   word: application/json  and
   status: 200

Passive global matcher
No matching conditions.

On match action
Report vulnerability