PinPoint Unauth

What is the "PinPoint Unauth?"

The "PinPoint Unauth" module is designed to detect vulnerabilities in the PinPoint application. PinPoint is an open-source application performance management (APM) tool that helps monitor and analyze the performance of distributed systems. This module focuses on identifying unauthorized access to PinPoint, which poses a high severity risk.

Author: dhiyaneshDk

Impact

If the "PinPoint Unauth" module detects a vulnerability, it means that unauthorized users may be able to access sensitive information or perform unauthorized actions within the PinPoint application. This can lead to potential data breaches, unauthorized system modifications, and other security risks.

How does the module work?

The "PinPoint Unauth" module works by sending an HTTP GET request to the "/applications.pinpoint" endpoint of the target PinPoint application. It then applies a set of matching conditions to determine if the application is vulnerable to unauthorized access.

Matching conditions:

- The response body must contain the words "applicationName" and "serviceType". - The response headers must include the word "application/json". - The HTTP response status code must be 200.

If all of these conditions are met, the module flags the vulnerability and triggers the specified action, which in this case is reporting the vulnerability.

Example HTTP request:

GET /applications.pinpoint

Note: The above example is a simplified representation of the HTTP request. The actual request may include additional headers or parameters.

Metadata:

- Max request: 1

Reference:

- https://github.com/pinpoint-apm/pinpoint