
Keycloak OpenID Configuration - Detect

By kannthu

Informative
Vidoc Module
#keycloak #config
Description

What is the "Keycloak OpenID Configuration - Detect" module?

The "Keycloak OpenID Configuration - Detect" module checks whether a target exposes an OpenID Connect discovery document at the paths Keycloak uses. Keycloak is an open-source identity and access management solution that provides single sign-on; every realm it serves publishes its OIDC provider metadata at a /.well-known/openid-configuration path. This module is a fingerprinting check: it reports that such a document is reachable, it does not audit the settings inside it.

This module has an informative severity level: a match is a discovery finding about the target's technology stack, not a vulnerability in itself.

Impact

A discovery document is meant to be public, so its presence is not a vulnerability on its own. What it gives an attacker is reconnaissance: it confirms that Keycloak is in use, names the realm (here master, the administrative realm), and lists the authorization, token, userinfo and JWKS endpoints together with the supported grant types and signing algorithms, which narrows down follow-up testing of the login flows. Treat the finding as an inventory item and confirm that exposing the master realm on this host is intended.

How does the module work?

The module sends HTTP requests to the paths where a Keycloak server publishes its OpenID Connect discovery document and applies matching conditions to the responses.

Concretely, it sends a GET request to each of the following paths:

/.well-known/openid-configuration
/auth/realms/master/.well-known/openid-configuration

The first is the standard OIDC discovery location relative to the issuer; the second is the master realm on Keycloak installations that serve under the /auth prefix (the default for releases before the Quarkus-based Keycloak 17, and still common behind reverse proxies). Newer installations drop the prefix, so /realms/master/.well-known/openid-configuration is worth trying by hand when neither path matches.

The module expects a response with status code 200 and all of the words "issuer", "authorization_endpoint", "token_endpoint", "userinfo_endpoint" and "jwks_uri" in the response body; the conditions are combined with AND. When they are all met, the module reports that an OIDC discovery document is exposed at that path.

Two caveats when reading a match. The word list is generic OIDC provider metadata, so any OpenID Connect provider answering at these paths will satisfy it; Keycloak specifically is recognisable by endpoints under /realms/<realm>/protocol/openid-connect/. And the word check matters because many front ends answer 200 with an HTML shell for every unknown path; such a page will not contain the required keys and is not reported.
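The same matcher written out as an added example (not code from Vidoc or the Keycloak project), so it can be run offline against captured responses and then parse a matched document into a fingerprint. It assumes nothing beyond the two paths and five words listed above; the realm regex, the /protocol/openid-connect/ layout check, the sample discovery documents and the hostnames in them are constructed for illustration, and the grant_types_supported and id_token_signing_alg_values_supported keys are standard OIDC discovery metadata fields.

```python
"""Offline re-implementation of the module's matcher plus a fingerprinting
step for a matched discovery document (added example, not Vidoc's code)."""
import json
import re
import urllib.error
import urllib.request
from typing import Optional

# Paths the module probes (as listed on the page).
CANDIDATE_PATHS = (
    "/.well-known/openid-configuration",
    "/auth/realms/master/.well-known/openid-configuration",
)

# Words the module requires in the body; combined with status 200 using AND.
REQUIRED_WORDS = ("issuer", "authorization_endpoint", "token_endpoint",
                  "userinfo_endpoint", "jwks_uri")

# Keycloak-specific layout (an assumption for the fingerprint, not part of the
# module): issuer ends in /realms/<name>, endpoints sit under
# /protocol/openid-connect/.
KEYCLOAK_REALM_RE = re.compile(r"/realms/([^/]+)/?$")
KEYCLOAK_PROTO = "/protocol/openid-connect/"


def matches(status: int, body: str) -> bool:
    """The module's matching conditions: status 200 AND every required word present."""
    return status == 200 and all(word in body for word in REQUIRED_WORDS)


def fingerprint(body: str) -> dict:
    """Parse a matched discovery document into what a tester wants next.

    A generic OIDC provider satisfies the word list too, so the result also
    says whether the endpoint layout is Keycloak's and which realm is exposed.
    """
    doc = json.loads(body)
    issuer = doc.get("issuer", "")
    realm = KEYCLOAK_REALM_RE.search(issuer)
    endpoints = [doc.get(key, "") for key in REQUIRED_WORDS[1:]]
    return {
        "issuer": issuer,
        "realm": realm.group(1) if realm else None,
        "looks_like_keycloak": realm is not None
        and all(KEYCLOAK_PROTO in url for url in endpoints),
        # Standard OIDC discovery fields, useful for planning follow-up tests.
        "grant_types": doc.get("grant_types_supported", []),
        "signing_algs": doc.get("id_token_signing_alg_values_supported", []),
    }


def probe(base_url: str, timeout: float = 5.0) -> Optional[dict]:
    """Live version of the module's request: try each path and return the
    fingerprint for the first response that satisfies the matcher."""
    for path in CANDIDATE_PATHS:
        try:
            with urllib.request.urlopen(base_url.rstrip("/") + path, timeout=timeout) as resp:
                status, body = resp.status, resp.read().decode("utf-8", "replace")
        except urllib.error.HTTPError as exc:
            status, body = exc.code, ""
        except (urllib.error.URLError, OSError):
            continue
        if matches(status, body):
            return {"path": path, **fingerprint(body)}
    return None


# Constructed sample responses (not captured from any real host).
KEYCLOAK_MASTER = json.dumps({
    "issuer": "https://sso.example.test/auth/realms/master",
    "authorization_endpoint": "https://sso.example.test/auth/realms/master/protocol/openid-connect/auth",
    "token_endpoint": "https://sso.example.test/auth/realms/master/protocol/openid-connect/token",
    "userinfo_endpoint": "https://sso.example.test/auth/realms/master/protocol/openid-connect/userinfo",
    "jwks_uri": "https://sso.example.test/auth/realms/master/protocol/openid-connect/certs",
    "grant_types_supported": ["authorization_code", "implicit", "refresh_token",
                              "password", "client_credentials"],
    "id_token_signing_alg_values_supported": ["RS256", "ES256", "HS256"],
})
GENERIC_OIDC = json.dumps({
    "issuer": "https://login.example.test",
    "authorization_endpoint": "https://login.example.test/oauth2/authorize",
    "token_endpoint": "https://login.example.test/oauth2/token",
    "userinfo_endpoint": "https://login.example.test/oauth2/userinfo",
    "jwks_uri": "https://login.example.test/oauth2/keys",
})
SPA_CATCH_ALL = '<!doctype html><html><body><div id="app"></div></body></html>'

if __name__ == "__main__":
    for name, status, body in [("keycloak", 200, KEYCLOAK_MASTER),
                               ("generic-oidc", 200, GENERIC_OIDC),
                               ("spa-catch-all", 200, SPA_CATCH_ALL),
                               ("keycloak-404", 404, KEYCLOAK_MASTER)]:
        hit = matches(status, body)
        print(name, "match" if hit else "no match", fingerprint(body) if hit else "")
```

Running the block shows the point made above: the generic provider and the Keycloak master realm both satisfy the module's matcher, and only the fingerprint step tells them apart; the HTML shell and the 404 do not match at all. probe() performs the live request against a base URL and is only called when you add that call yourself.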

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /.well-known/openid-... /auth/realms/master/...
Matching conditions
status: 200 and
word: issuer, authorization_endpoint, token_en...
Passive global matcher
No matching conditions.
On match action
Report vulnerability