Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The Prometheus Config API Endpoint Discovery module is designed to detect misconfigurations in Prometheus, a monitoring and alerting toolkit. It focuses on identifying the config API endpoint, which provides access to the loaded Prometheus configuration file, including target addresses, alerting/discovery services, and the required credentials.
This module is informative in terms of severity, meaning it provides valuable insights and information without indicating a specific vulnerability or software fingerprint.
Author: geeknik
This module does not directly impact the system being scanned. Instead, it helps identify potential misconfigurations in the Prometheus monitoring setup, which could lead to security vulnerabilities or operational issues if not properly addressed.
The Prometheus Config API Endpoint Discovery module works by sending an HTTP GET request to the "/api/v1/status/config" endpoint. It then applies a series of matching conditions to determine if the endpoint is functioning as expected.
Matching conditions:
- The response status code must be 200. - The response body must contain the following words:"status": "success"
, "data"
, and "yaml"
.
- The response header must include the word "application/json"
.
If all the matching conditions are met, the module reports a successful discovery of the Prometheus config API endpoint.
Example HTTP request:
GET /api/v1/status/config
Note: The above example is a simplified representation of the HTTP request. The actual request may include additional headers or parameters.