Prometheus targets API endpoint

By kannthu

Informative
Vidoc Module
#prometheus
Description

What is the "Prometheus targets API endpoint"?

The "Prometheus targets API endpoint" module is designed to detect misconfigurations or vulnerabilities in the Prometheus targets API. Prometheus is an open-source monitoring and alerting toolkit that is widely used for collecting and analyzing metrics from various systems. This module focuses specifically on the API endpoint used to retrieve information about the targets being monitored by Prometheus.

This module has an informative severity level, which means it provides valuable insights and information but does not indicate a critical vulnerability or misconfiguration.

Impact

If a misconfiguration or vulnerability is detected in the Prometheus targets API endpoint, it could potentially lead to inaccurate or incomplete monitoring data. This could impact the effectiveness of monitoring and alerting systems that rely on Prometheus for collecting metrics.

How does the module work?

The module works by sending an HTTP GET request to the "/api/v1/targets" path of the Prometheus targets API endpoint. It then applies a set of matching conditions to determine if the response indicates a misconfiguration or vulnerability.

The matching conditions include:

- Status: The response status code must be 200.
- Body: The response body must contain the words "\"status\": \"success\"", "\"data\":", and "\"labels\":".
- Header: The response header must include the word "application/json".

If all of these conditions are met, the module reports a potential misconfiguration or vulnerability in the Prometheus targets API endpoint.
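The three conditions above, written out as an added example (not Vidoc's own code) for checking a response from your own Prometheus instance. It also shows that a literal word matcher depends on JSON whitespace, while a parsed check does not. Assumptions: word matchers are literal substring tests, the target list sits under `data.activeTargets`, and all sample responses and hostnames are constructed.

```python
import json

# Matcher words exactly as listed on this page.
BODY_WORDS = ['"status": "success"', '"data":', '"labels":']
HEADER_WORD = "application/json"


def module_match(status, headers, body):
    """Status AND all body words AND header word, as the page describes.

    Assumption: a word matcher is a literal, case-sensitive substring test.
    """
    header_blob = "\n".join(f"{k}: {v}" for k, v in headers.items())
    return (
        status == 200
        and all(word in body for word in BODY_WORDS)
        and HEADER_WORD in header_blob
    )


def parsed_match(status, headers, body):
    """Same intent, but parses the JSON so serialization whitespace is irrelevant."""
    if status != 200 or HEADER_WORD not in headers.get("Content-Type", ""):
        return False
    try:
        doc = json.loads(body)
    except ValueError:
        return False
    if not isinstance(doc, dict) or doc.get("status") != "success":
        return False
    data = doc.get("data")
    targets = data.get("activeTargets") if isinstance(data, dict) else None
    return isinstance(targets, list) and any(
        isinstance(t, dict) and "labels" in t for t in targets)


# Constructed sample data (not captured from a real server).
_DOC = {"status": "success", "data": {"activeTargets": [
    {"labels": {"instance": "db01.example.internal:9100", "job": "node"},
     "scrapeUrl": "http://db01.example.internal:9100/metrics", "health": "up"}]}}
SPACED = json.dumps(_DOC)                          # '"status": "success"'
COMPACT = json.dumps(_DOC, separators=(",", ":"))  # '"status":"success"'
JSON_HDRS = {"Content-Type": "application/json"}
LOGIN_PAGE = (200, {"Content-Type": "text/html"}, "<html>Sign in</html>")

if __name__ == "__main__":
    for name, body in (("spaced", SPACED), ("compact", COMPACT)):
        print(name, module_match(200, JSON_HDRS, body), parsed_match(200, JSON_HDRS, body))
```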

Module preview

Concurrent Requests (1)
1. HTTP Request template
GET /api/v1/targets
Matching conditions
status: 200 and
word: "status": "success", "data":, "labels": and
word: application/json
Passive global matcher
No matching conditions.
On match action
Report vulnerability