From bbf0d42cf9d681055a19f2c2e6d5df792b4a67f5 Mon Sep 17 00:00:00 2001 From: Wyatt Dahlenburg Date: Mon, 11 Jan 2021 21:54:18 -0600 Subject: [PATCH 1/7] Split springboot-detect into individual templates with appropriate severities and matchers --- misconfiguration/springboot-detect.yaml | 99 ------------------- .../springboot-detect-actuator.yaml | 20 ++++ .../springboot-detect-configprops.yaml | 31 ++++++ .../springboot-detect-env.yaml | 32 ++++++ .../springboot-detect-heapdump.yaml | 37 +++++++ .../springboot-detect-mappings.yaml | 31 ++++++ .../springboot-detect-trace.yaml | 34 +++++++ 7 files changed, 185 insertions(+), 99 deletions(-) delete mode 100644 misconfiguration/springboot-detect.yaml create mode 100644 misconfiguration/springboot-detect/springboot-detect-actuator.yaml create mode 100644 misconfiguration/springboot-detect/springboot-detect-configprops.yaml create mode 100644 misconfiguration/springboot-detect/springboot-detect-env.yaml create mode 100644 misconfiguration/springboot-detect/springboot-detect-heapdump.yaml create mode 100644 misconfiguration/springboot-detect/springboot-detect-mappings.yaml create mode 100644 misconfiguration/springboot-detect/springboot-detect-trace.yaml diff --git a/misconfiguration/springboot-detect.yaml b/misconfiguration/springboot-detect.yaml deleted file mode 100644 index 83b1d2abf8..0000000000 --- a/misconfiguration/springboot-detect.yaml +++ /dev/null 
@@ -1,99 +0,0 @@ -id: springboot-actuators - -info: - name: Detect the exposure of Springboot Actuators - author: that_juan_ & dwisiswant0 - severity: medium - -requests: - - method: GET - path: - - "{{BaseURL}}/actuator" - - "{{BaseURL}}/actuator/auditevents" - - "{{BaseURL}}/actuator/auditLog" - - "{{BaseURL}}/actuator/beans" - - "{{BaseURL}}/actuator/caches" - - "{{BaseURL}}/actuator/conditions" - - "{{BaseURL}}/actuator/configprops" - - "{{BaseURL}}/actuator/configurationMetadata" - - "{{BaseURL}}/actuator/dump" - - "{{BaseURL}}/actuator/env" - - "{{BaseURL}}/actuator/events" - - "{{BaseURL}}/actuator/exportRegisteredServices" - - "{{BaseURL}}/actuator/features" - - "{{BaseURL}}/actuator/flyway" - - "{{BaseURL}}/actuator/healthcheck" - - "{{BaseURL}}/actuator/heapdump" - - "{{BaseURL}}/actuator/httptrace" - - "{{BaseURL}}/actuator/hystrix.stream" - - "{{BaseURL}}/actuator/integrationgraph" - - "{{BaseURL}}/actuator/jolokia" - - "{{BaseURL}}/actuator/liquibase" - - "{{BaseURL}}/actuator/logfile" - - "{{BaseURL}}/actuator/loggers" - - "{{BaseURL}}/actuator/loggingConfig" - - "{{BaseURL}}/actuator/management" - - "{{BaseURL}}/actuator/mappings" - - "{{BaseURL}}/actuator/metrics" - - "{{BaseURL}}/actuator/refresh" - - "{{BaseURL}}/actuator/registeredServices" - - "{{BaseURL}}/actuator/releaseAttributes" - - "{{BaseURL}}/actuator/resolveAttributes" - - "{{BaseURL}}/actuator/scheduledtasks" - - "{{BaseURL}}/actuator/sessions" - - "{{BaseURL}}/actuator/shutdown" - - "{{BaseURL}}/actuator/springWebflow" - - "{{BaseURL}}/actuator/sso" - - "{{BaseURL}}/actuator/ssoSessions" - - "{{BaseURL}}/actuator/statistics" - - "{{BaseURL}}/actuator/status" - - "{{BaseURL}}/actuator/threaddump" - - "{{BaseURL}}/actuator/trace" - - "{{BaseURL}}/auditevents" - - "{{BaseURL}}/autoconfig" - - "{{BaseURL}}/beans" - - "{{BaseURL}}/cloudfoundryapplication" - - "{{BaseURL}}/configprops" - - "{{BaseURL}}/dump" - - "{{BaseURL}}/env" - - "{{BaseURL}}/heapdump" - - "{{BaseURL}}/hystrix.stream" - 
- "{{BaseURL}}/jolokia" - - "{{BaseURL}}/jolokia/list" - - "{{BaseURL}}:8090/jolokia" - - "{{BaseURL}}:8090/jolokia/list" - - "{{BaseURL}}/loggers" - - "{{BaseURL}}/management" - - "{{BaseURL}}/mappings" - - "{{BaseURL}}/metrics" - - "{{BaseURL}}/threaddump" - - "{{BaseURL}}/trace" - matchers-condition: and - matchers: - - type: word - part: body - words: - - "method" - - "spring" - - "TYPE" - - "system" - - "database" - - "cron" - - "reloadByURL" - - "JMXConfigurator" - - "JMImplementation" - - "EnvironmentManager" - - "org.springframework.boot.loader" - - "health" - condition: or - - type: status - status: - - 200 - - type: word - words: - - "X-Application-Context" - - "application/json" - - "application/vnd.spring-boot.actuator" - - "hprof" - condition: or - part: header diff --git a/misconfiguration/springboot-detect/springboot-detect-actuator.yaml b/misconfiguration/springboot-detect/springboot-detect-actuator.yaml new file mode 100644 index 0000000000..3ae8b6dfb0 --- /dev/null +++ b/misconfiguration/springboot-detect/springboot-detect-actuator.yaml @@ -0,0 +1,20 @@ +id: springboot-detect-actuator + +info: + name: Detect Springboot Actuators + author: that_juan_ & dwisiswant0 & wdahlenb + severity: info + +requests: + - method: GET + path: + - "{{BaseURL}}/actuator" + matchers-condition: and + matchers: + - type: word + part: body + words: + - '{"_links":{"self"' + - type: status + status: + - 200 diff --git a/misconfiguration/springboot-detect/springboot-detect-configprops.yaml b/misconfiguration/springboot-detect/springboot-detect-configprops.yaml new file mode 100644 index 0000000000..6b88f9c726 --- /dev/null +++ b/misconfiguration/springboot-detect/springboot-detect-configprops.yaml 
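Review bot: The body matcher `'{"_links":{"self"'` pins one exact JSON serialization, so an `/actuator` index that is pretty-printed or orders its keys differently is missed, and no content-type check backs it up. Matching the keys separately is sturdier: `- '"_links"'` and `- '"self"'` with `condition: and`. A one-line `description` saying this template only fingerprints the actuator index (hence `severity: info`) would also help triage.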
@@ -0,0 +1,31 @@ +id: springboot-detect-configprops + +info: + name: Detect Springboot Configprops Actuator + author: that_juan_ & dwisiswant0 & wdahlenb + severity: medium + description: Sensitive environment variables may not be masked + +requests: + - method: GET + path: + - "{{BaseURL}}/configprops" + - "{{BaseURL}}/actuator/configprops" + matchers-condition: and + matchers: + - type: word + part: body + words: + - "org.springframework.boot.actuate" + - "beans" + - "contexts" + condition: and + - type: status + status: + - 200 + - type: word + words: + - "application/json" + - "application/vnd.spring-boot.actuator" + condition: or + part: header diff --git a/misconfiguration/springboot-detect/springboot-detect-env.yaml b/misconfiguration/springboot-detect/springboot-detect-env.yaml new file mode 100644 index 0000000000..5743d870af --- /dev/null +++ b/misconfiguration/springboot-detect/springboot-detect-env.yaml @@ -0,0 +1,32 @@ +id: springboot-detect-env + +info: + name: Detect Springboot Env Actuator + author: that_juan_ & dwisiswant0 & wdahlenb + severity: high + description: Sensitive environment variables may not be masked + +requests: + - method: GET + path: + - "{{BaseURL}}/env" + - "{{BaseURL}}/actuator/env" + matchers-condition: and + matchers: + - type: word + part: body + words: + - "JAVA_HOME" + - "sping.config.location" + - "spring.application.name" + - "local.server.port" + condition: or + - type: status + status: + - 200 + - type: word + words: + - "application/json" + - "application/vnd.spring-boot.actuator" + condition: or + part: header diff --git a/misconfiguration/springboot-detect/springboot-detect-heapdump.yaml b/misconfiguration/springboot-detect/springboot-detect-heapdump.yaml new file mode 100644 index 0000000000..c6c4ea88af --- /dev/null +++ b/misconfiguration/springboot-detect/springboot-detect-heapdump.yaml 
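Review bot: The body matcher requires `"contexts"` under `condition: and`, yet the template also requests the root-level `{{BaseURL}}/configprops` path. As far as I know the older root-level response has no `contexts` wrapper, so that path would probably never match; this is worth confirming against an instance that serves it. If confirmed, drop `- "contexts"` from the `and` list or give the legacy path its own request and matcher. The `description` is also the same sentence used in the env template and should describe configuration properties rather than environment variables.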
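Review bot: `"sping.config.location"` in the body word list is misspelled, so that alternative can never match; it should read `- "spring.config.location"`. Detection still works through the other three words because the list uses `condition: or`, which is why the typo is easy to miss. `"JAVA_HOME"` alone is a weak signal for a `severity: high` finding, so a comment noting that the content-type matcher is what limits false positives would be useful.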
@@ -0,0 +1,37 @@ +id: springboot-detect-heapdump + +info: + name: Detect Springboot Heapdump Actuator + author: that_juan_ & dwisiswant0 & wdahlenb + severity: critical + description: Environment variables and HTTP requests can be found in the HPROF + +requests: + - method: GET + path: + - "{{BaseURL}}/heapdump" + - "{{BaseURL}}/actuator/heapdump" + matchers-condition: and + matchers: + - type: binary + part: body + binary: + - "4a4156412050524f46494c45" # "JAVA PROFILE" + - "4850524f46" # "HPROF" + - "1f8b080000000000" # Gunzip magic byte + condition: or + - type: status + status: + - 200 + - type: word + words: + - "application/octet-stream" + - "application/vnd.spring-boot.actuator" + - "hprof" + condition: or + part: header + - type: dsl + dsl: + - "len(body) >= 100000" + - "content_length >= 100000" + condition: or diff --git a/misconfiguration/springboot-detect/springboot-detect-mappings.yaml b/misconfiguration/springboot-detect/springboot-detect-mappings.yaml new file mode 100644 index 0000000000..fc058b8310 --- /dev/null +++ b/misconfiguration/springboot-detect/springboot-detect-mappings.yaml @@ -0,0 +1,31 @@ +id: springboot-detect-mappings + +info: + name: Detect Springboot Mappings Actuator + author: that_juan_ & dwisiswant0 & wdahlenb + severity: medium + description: Additional routes may be displayed + +requests: + - method: GET + path: + - "{{BaseURL}}/mappings" + - "{{BaseURL}}/actuator/mappings" + matchers-condition: and + matchers: + - type: word + part: body + words: + - "mappings" + - "method" + - "produces" + condition: and + - type: status + status: + - 200 + - type: word + words: + - "application/json" + - "application/vnd.spring-boot.actuator" + condition: or + part: header diff --git a/misconfiguration/springboot-detect/springboot-detect-trace.yaml b/misconfiguration/springboot-detect/springboot-detect-trace.yaml new file mode 100644 index 0000000000..ee932f704a --- /dev/null 
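Review bot: The comment `# Gunzip magic byte` on `1f8b080000000000` is inaccurate: the gzip magic is only `1f8b`, and the remaining bytes pin the deflate method, empty flags and a zero mtime. I would reword it to `# gzip header: magic 1f8b, method 08, flags 00, mtime 0` so a later editor does not shorten or "correct" the pattern by accident. Because the description states that environment variables and HTTP requests are in the HPROF, it is also worth a comment that the fetched response body is itself sensitive and should not be kept with scan output.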
+++ b/misconfiguration/springboot-detect/springboot-detect-trace.yaml @@ -0,0 +1,34 @@ +id: springboot-detect-trace + +info: + name: Detect Springboot Trace Actuator + author: that_juan_ & dwisiswant0 & wdahlenb + severity: high + description: View recent HTTP requests and responses + +requests: + - method: GET + path: + - "{{BaseURL}}/trace" + - "{{BaseURL}}/actuator/trace" + - "{{BaseURL}}/httptrace" + - "{{BaseURL}}/actuator/httptrace" + matchers-condition: and + matchers: + - type: word + part: body + words: + - "traces" + - "response" + - "request" + - "principal" + condition: or + - type: status + status: + - 200 + - type: word + words: + - "application/json" + - "application/vnd.spring-boot.actuator" + condition: or + part: header From 0eee24b932092900d03ce49be306bb53f607d0d9 Mon Sep 17 00:00:00 2001 From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Thu, 28 Jan 2021 21:26:38 +0530 Subject: [PATCH 2/7] Adding springboot-detect-loggers --- .../springboot-detect-configprops.yaml | 3 +- .../springboot-detect-env.yaml | 1 + .../springboot-detect-heapdump.yaml | 1 + .../springboot-detect-loggers.yaml | 33 +++++++++++++++++++ .../springboot-detect-mappings.yaml | 3 +- .../springboot-detect-trace.yaml | 3 +- 6 files changed, 41 insertions(+), 3 deletions(-) create mode 100644 misconfiguration/springboot-detect/springboot-detect-loggers.yaml diff --git a/misconfiguration/springboot-detect/springboot-detect-configprops.yaml b/misconfiguration/springboot-detect/springboot-detect-configprops.yaml index 6b88f9c726..4ef14d78fb 100644 --- a/misconfiguration/springboot-detect/springboot-detect-configprops.yaml +++ b/misconfiguration/springboot-detect/springboot-detect-configprops.yaml @@ -3,7 +3,7 @@ id: springboot-detect-configprops info: name: Detect Springboot Configprops Actuator author: that_juan_ & dwisiswant0 & wdahlenb - severity: medium + severity: low description: Sensitive environment variables may not be masked requests: 
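Review bot: The body words `"traces"`, `"response"`, `"request"` and `"principal"` are joined with `condition: or`, so any 200 JSON response that merely contains the word "request" satisfies this matcher. A host that answers every path with a JSON body would then be reported on all four paths. Matching the quoted keys together narrows this without changing intent: `- '"request"'` and `- '"response"'` with `condition: and`, which should be verified against both the `/trace` and `/httptrace` response formats.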
@@ -27,5 +27,6 @@ requests: words: - "application/json" - "application/vnd.spring-boot.actuator" + - "application/vnd.spring-boot.actuator.v1+json" condition: or part: header diff --git a/misconfiguration/springboot-detect/springboot-detect-env.yaml b/misconfiguration/springboot-detect/springboot-detect-env.yaml index 5743d870af..fd8947a434 100644 --- a/misconfiguration/springboot-detect/springboot-detect-env.yaml +++ b/misconfiguration/springboot-detect/springboot-detect-env.yaml @@ -28,5 +28,6 @@ requests: words: - "application/json" - "application/vnd.spring-boot.actuator" + - "application/vnd.spring-boot.actuator.v1+json" condition: or part: header diff --git a/misconfiguration/springboot-detect/springboot-detect-heapdump.yaml b/misconfiguration/springboot-detect/springboot-detect-heapdump.yaml index c6c4ea88af..30942914f3 100644 --- a/misconfiguration/springboot-detect/springboot-detect-heapdump.yaml +++ b/misconfiguration/springboot-detect/springboot-detect-heapdump.yaml @@ -27,6 +27,7 @@ requests: words: - "application/octet-stream" - "application/vnd.spring-boot.actuator" + - "application/vnd.spring-boot.actuator.v1+json" - "hprof" condition: or part: header diff --git a/misconfiguration/springboot-detect/springboot-detect-loggers.yaml b/misconfiguration/springboot-detect/springboot-detect-loggers.yaml new file mode 100644 index 0000000000..2c8ece09d6 --- /dev/null +++ b/misconfiguration/springboot-detect/springboot-detect-loggers.yaml 
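Review bot: The added `- "application/vnd.spring-boot.actuator.v1+json"` cannot change the result, because word matchers are substring matches and the list already contains `"application/vnd.spring-boot.actuator"` under `condition: or`. Every header the new entry matches was already matched by the shorter one. The same line is added in the env, heapdump, mappings and trace hunks of this commit and copied into the new loggers template. Either drop it, or keep it with a comment such as `# listed for documentation; already covered by the shorter prefix above`.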
@@ -0,0 +1,33 @@ +id: springboot-detect-loggers + +info: + name: Detect Springboot Loggers + author: that_juan_ & dwisiswant0 & wdahlenb + severity: low + +requests: + - method: GET + path: + - "{{BaseURL}}/loggers" + - "{{BaseURL}}/actuator/loggers" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - '"loggers"' + - '"profiles":' + condition: or + + - type: status + status: + - 200 + + - type: word + words: + - "application/json" + - "application/vnd.spring-boot.actuator" + - "application/vnd.spring-boot.actuator.v1+json" + condition: or + part: header \ No newline at end of file diff --git a/misconfiguration/springboot-detect/springboot-detect-mappings.yaml b/misconfiguration/springboot-detect/springboot-detect-mappings.yaml index fc058b8310..30c74d13cb 100644 --- a/misconfiguration/springboot-detect/springboot-detect-mappings.yaml +++ b/misconfiguration/springboot-detect/springboot-detect-mappings.yaml @@ -3,7 +3,7 @@ id: springboot-detect-mappings info: name: Detect Springboot Mappings Actuator author: that_juan_ & dwisiswant0 & wdahlenb - severity: medium + severity: low description: Additional routes may be displayed requests: @@ -27,5 +27,6 @@ requests: words: - "application/json" - "application/vnd.spring-boot.actuator" + - "application/vnd.spring-boot.actuator.v1+json" condition: or part: header diff --git a/misconfiguration/springboot-detect/springboot-detect-trace.yaml b/misconfiguration/springboot-detect/springboot-detect-trace.yaml index ee932f704a..a939b98f67 100644 --- a/misconfiguration/springboot-detect/springboot-detect-trace.yaml +++ b/misconfiguration/springboot-detect/springboot-detect-trace.yaml @@ -3,7 +3,7 @@ id: springboot-detect-trace info: name: Detect Springboot Trace Actuator author: that_juan_ & dwisiswant0 & wdahlenb - severity: high + severity: low description: View recent HTTP requests and responses requests: 
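Review bot: `'"profiles":'` does not look like a key of the loggers response (it appears to be borrowed from the env output), and under `condition: or` it only widens what the template accepts. I would match two keys this endpoint is expected to return, `- '"loggers"'` and `- '"levels"'`, with `condition: and`; please confirm against a live response. The template also has no `description`, unlike its siblings, and the file ends without a newline (`\ No newline at end of file`).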
@@ -30,5 +30,6 @@ requests: words: - "application/json" - "application/vnd.spring-boot.actuator" + - "application/vnd.spring-boot.actuator.v1+json" condition: or part: header From a9c9809283e6b684bb3bc3367924e8932f9fe38e Mon Sep 17 00:00:00 2001 From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Thu, 28 Jan 2021 21:35:48 +0530 Subject: [PATCH 3/7] Adding springboot-detect-logfile --- .../springboot-detect-logfile.yaml | 33 +++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100644 misconfiguration/springboot-detect/springboot-detect-logfile.yaml diff --git a/misconfiguration/springboot-detect/springboot-detect-logfile.yaml b/misconfiguration/springboot-detect/springboot-detect-logfile.yaml new file mode 100644 index 0000000000..37854cf184 --- /dev/null +++ b/misconfiguration/springboot-detect/springboot-detect-logfile.yaml @@ -0,0 +1,33 @@ +id: springboot-detect-logfile + +info: + name: Detect Springboot Logfile + author: that_juan_ & dwisiswant0 & wdahlenb + severity: low + +requests: + - method: GET + path: + - "{{BaseURL}}/logfile" + - "{{BaseURL}}/actuator/logfile" + + matchers-condition: and + matchers: + - type: word + part: body + words: + - 'logfile' + - '"profiles":' + condition: and + + - type: status + status: + - 200 + + - type: word + words: + - "application/json" + - "application/vnd.spring-boot.actuator" + - "application/vnd.spring-boot.actuator.v1+json" + condition: or + part: header \ No newline at end of file From 21bfead0b1a4f4fe800872217c4fbc4323c7df37 Mon Sep 17 00:00:00 2001 
From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Thu, 28 Jan 2021 23:13:50 +0530 Subject: [PATCH 4/7] renaming few templates --- ...boot-detect-configprops.yaml => springboot-configprops.yaml} | 2 +- .../{springboot-detect-env.yaml => springboot-env.yaml} | 2 +- ...springboot-detect-heapdump.yaml => springboot-heapdump.yaml} | 2 +- .../{springboot-detect-logfile.yaml => springboot-logfile.yaml} | 2 +- .../{springboot-detect-loggers.yaml => springboot-loggers.yaml} | 2 +- ...springboot-detect-mappings.yaml => springboot-mappings.yaml} | 2 +- .../{springboot-detect-trace.yaml => springboot-trace.yaml} | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) rename misconfiguration/springboot-detect/{springboot-detect-configprops.yaml => springboot-configprops.yaml} (95%) rename misconfiguration/springboot-detect/{springboot-detect-env.yaml => springboot-env.yaml} (96%) rename misconfiguration/springboot-detect/{springboot-detect-heapdump.yaml => springboot-heapdump.yaml} (96%) rename misconfiguration/springboot-detect/{springboot-detect-logfile.yaml => springboot-logfile.yaml} (92%) rename misconfiguration/springboot-detect/{springboot-detect-loggers.yaml => springboot-loggers.yaml} (92%) rename misconfiguration/springboot-detect/{springboot-detect-mappings.yaml => springboot-mappings.yaml} (95%) rename misconfiguration/springboot-detect/{springboot-detect-trace.yaml => springboot-trace.yaml} (96%) diff --git a/misconfiguration/springboot-detect/springboot-detect-configprops.yaml b/misconfiguration/springboot-detect/springboot-configprops.yaml similarity index 95% rename from misconfiguration/springboot-detect/springboot-detect-configprops.yaml rename to misconfiguration/springboot-detect/springboot-configprops.yaml index 4ef14d78fb..80d4670abd 100644 --- a/misconfiguration/springboot-detect/springboot-detect-configprops.yaml +++ b/misconfiguration/springboot-detect/springboot-configprops.yaml 
@@ -1,4 +1,4 @@ -id: springboot-detect-configprops +id: springboot-configprops info: name: Detect Springboot Configprops Actuator diff --git a/misconfiguration/springboot-detect/springboot-detect-env.yaml b/misconfiguration/springboot-detect/springboot-env.yaml similarity index 96% rename from misconfiguration/springboot-detect/springboot-detect-env.yaml rename to misconfiguration/springboot-detect/springboot-env.yaml index fd8947a434..232a7ddcd7 100644 --- a/misconfiguration/springboot-detect/springboot-detect-env.yaml +++ b/misconfiguration/springboot-detect/springboot-env.yaml @@ -1,4 +1,4 @@ -id: springboot-detect-env +id: springboot-env info: name: Detect Springboot Env Actuator diff --git a/misconfiguration/springboot-detect/springboot-detect-heapdump.yaml b/misconfiguration/springboot-detect/springboot-heapdump.yaml similarity index 96% rename from misconfiguration/springboot-detect/springboot-detect-heapdump.yaml rename to misconfiguration/springboot-detect/springboot-heapdump.yaml index 30942914f3..7b7c658e58 100644 --- a/misconfiguration/springboot-detect/springboot-detect-heapdump.yaml +++ b/misconfiguration/springboot-detect/springboot-heapdump.yaml @@ -1,4 +1,4 @@ -id: springboot-detect-heapdump +id: springboot-heapdump info: name: Detect Springboot Heapdump Actuator diff --git a/misconfiguration/springboot-detect/springboot-detect-logfile.yaml b/misconfiguration/springboot-detect/springboot-logfile.yaml similarity index 92% rename from misconfiguration/springboot-detect/springboot-detect-logfile.yaml rename to misconfiguration/springboot-detect/springboot-logfile.yaml index 37854cf184..66ee6a2622 100644 --- a/misconfiguration/springboot-detect/springboot-detect-logfile.yaml +++ b/misconfiguration/springboot-detect/springboot-logfile.yaml @@ -1,4 +1,4 @@ -id: springboot-detect-logfile +id: springboot-logfile info: name: Detect Springboot Logfile 
diff --git a/misconfiguration/springboot-detect/springboot-detect-loggers.yaml b/misconfiguration/springboot-detect/springboot-loggers.yaml similarity index 92% rename from misconfiguration/springboot-detect/springboot-detect-loggers.yaml rename to misconfiguration/springboot-detect/springboot-loggers.yaml index 2c8ece09d6..87d02229a9 100644 --- a/misconfiguration/springboot-detect/springboot-detect-loggers.yaml +++ b/misconfiguration/springboot-detect/springboot-loggers.yaml @@ -1,4 +1,4 @@ -id: springboot-detect-loggers +id: springboot-loggers info: name: Detect Springboot Loggers diff --git a/misconfiguration/springboot-detect/springboot-detect-mappings.yaml b/misconfiguration/springboot-detect/springboot-mappings.yaml similarity index 95% rename from misconfiguration/springboot-detect/springboot-detect-mappings.yaml rename to misconfiguration/springboot-detect/springboot-mappings.yaml index 30c74d13cb..17e058f3e4 100644 --- a/misconfiguration/springboot-detect/springboot-detect-mappings.yaml +++ b/misconfiguration/springboot-detect/springboot-mappings.yaml @@ -1,4 +1,4 @@ -id: springboot-detect-mappings +id: springboot-mappings info: name: Detect Springboot Mappings Actuator diff --git a/misconfiguration/springboot-detect/springboot-detect-trace.yaml b/misconfiguration/springboot-detect/springboot-trace.yaml similarity index 96% rename from misconfiguration/springboot-detect/springboot-detect-trace.yaml rename to misconfiguration/springboot-detect/springboot-trace.yaml index a939b98f67..39905444e1 100644 --- a/misconfiguration/springboot-detect/springboot-detect-trace.yaml +++ b/misconfiguration/springboot-detect/springboot-trace.yaml @@ -1,4 +1,4 @@ -id: springboot-detect-trace +id: springboot-trace info: name: Detect Springboot Trace Actuator From 2fd6ae31cb942641f80d2b275b1c1360b7aa68fd Mon Sep 17 00:00:00 2001 
From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Thu, 28 Jan 2021 23:27:15 +0530 Subject: [PATCH 5/7] Delete springboot-logfile.yaml --- .../springboot-detect/springboot-logfile.yaml | 33 ------------------- 1 file changed, 33 deletions(-) delete mode 100644 misconfiguration/springboot-detect/springboot-logfile.yaml diff --git a/misconfiguration/springboot-detect/springboot-logfile.yaml b/misconfiguration/springboot-detect/springboot-logfile.yaml deleted file mode 100644 index 66ee6a2622..0000000000 --- a/misconfiguration/springboot-detect/springboot-logfile.yaml +++ /dev/null @@ -1,33 +0,0 @@ -id: springboot-logfile - -info: - name: Detect Springboot Logfile - author: that_juan_ & dwisiswant0 & wdahlenb - severity: low - -requests: - - method: GET - path: - - "{{BaseURL}}/logfile" - - "{{BaseURL}}/actuator/logfile" - - matchers-condition: and - matchers: - - type: word - part: body - words: - - 'logfile' - - '"profiles":' - condition: and - - - type: status - status: - - 200 - - - type: word - words: - - "application/json" - - "application/vnd.spring-boot.actuator" - - "application/vnd.spring-boot.actuator.v1+json" - condition: or - part: header \ No newline at end of file From 663de701279f8fde9bb01030d511619748e1fe0f Mon Sep 17 00:00:00 2001 
From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Thu, 28 Jan 2021 23:47:22 +0530 Subject: [PATCH 6/7] workflow updates --- .../springboot-configprops.yaml | 0 .../{springboot-detect => springboot}/springboot-env.yaml | 0 .../springboot-heapdump.yaml | 0 .../springboot-loggers.yaml | 0 .../springboot-mappings.yaml | 0 .../springboot-trace.yaml | 0 .../detect-springboot-actuator.yaml | 2 +- workflows/springboot-workflow.yaml | 7 ++----- 8 files changed, 3 insertions(+), 6 deletions(-) rename misconfiguration/{springboot-detect => springboot}/springboot-configprops.yaml (100%) rename misconfiguration/{springboot-detect => springboot}/springboot-env.yaml (100%) rename misconfiguration/{springboot-detect => springboot}/springboot-heapdump.yaml (100%) rename misconfiguration/{springboot-detect => springboot}/springboot-loggers.yaml (100%) rename misconfiguration/{springboot-detect => springboot}/springboot-mappings.yaml (100%) rename misconfiguration/{springboot-detect => springboot}/springboot-trace.yaml (100%) rename misconfiguration/springboot-detect/springboot-detect-actuator.yaml => technologies/detect-springboot-actuator.yaml (91%) diff --git a/misconfiguration/springboot-detect/springboot-configprops.yaml b/misconfiguration/springboot/springboot-configprops.yaml similarity index 100% rename from misconfiguration/springboot-detect/springboot-configprops.yaml rename to misconfiguration/springboot/springboot-configprops.yaml diff --git a/misconfiguration/springboot-detect/springboot-env.yaml b/misconfiguration/springboot/springboot-env.yaml similarity index 100% rename from misconfiguration/springboot-detect/springboot-env.yaml rename to misconfiguration/springboot/springboot-env.yaml 
diff --git a/misconfiguration/springboot-detect/springboot-heapdump.yaml b/misconfiguration/springboot/springboot-heapdump.yaml similarity index 100% rename from misconfiguration/springboot-detect/springboot-heapdump.yaml rename to misconfiguration/springboot/springboot-heapdump.yaml diff --git a/misconfiguration/springboot-detect/springboot-loggers.yaml b/misconfiguration/springboot/springboot-loggers.yaml similarity index 100% rename from misconfiguration/springboot-detect/springboot-loggers.yaml rename to misconfiguration/springboot/springboot-loggers.yaml diff --git a/misconfiguration/springboot-detect/springboot-mappings.yaml b/misconfiguration/springboot/springboot-mappings.yaml similarity index 100% rename from misconfiguration/springboot-detect/springboot-mappings.yaml rename to misconfiguration/springboot/springboot-mappings.yaml diff --git a/misconfiguration/springboot-detect/springboot-trace.yaml b/misconfiguration/springboot/springboot-trace.yaml similarity index 100% rename from misconfiguration/springboot-detect/springboot-trace.yaml rename to misconfiguration/springboot/springboot-trace.yaml diff --git a/misconfiguration/springboot-detect/springboot-detect-actuator.yaml b/technologies/detect-springboot-actuator.yaml similarity index 91% rename from misconfiguration/springboot-detect/springboot-detect-actuator.yaml rename to technologies/detect-springboot-actuator.yaml index 3ae8b6dfb0..25f0aec8ba 100644 --- a/misconfiguration/springboot-detect/springboot-detect-actuator.yaml +++ b/technologies/detect-springboot-actuator.yaml @@ -1,4 +1,4 @@ -id: springboot-detect-actuator +id: detect-springboot-actuator info: name: Detect Springboot Actuators diff --git a/workflows/springboot-workflow.yaml b/workflows/springboot-workflow.yaml index 996a91be43..cbe1780223 100644 --- a/workflows/springboot-workflow.yaml +++ b/workflows/springboot-workflow.yaml 
@@ -10,9 +10,6 @@ info: workflows: - - template: security-misconfiguration/springboot-detect.yaml + - template: technologies/detect-springboot-actuator.yaml subtemplates: - - template: cves/2018/CVE-2018-1271.yaml - - template: cves/2018/CVE-2018-1271.yaml - - template: cves/2020/CVE-2020-5410.yaml - - template: vulnerabilities/springboot/ \ No newline at end of file + - template: misconfiguration/springboot/ \ No newline at end of file From 40e1df849387c918857b2926b814fc0d8de7fb9b Mon Sep 17 00:00:00 2001 From: PD-Team <8293321+bauthard@users.noreply.github.com> Date: Fri, 29 Jan 2021 00:06:15 +0530 Subject: [PATCH 7/7] few fixes --- misconfiguration/springboot/springboot-heapdump.yaml | 2 +- workflows/springboot-workflow.yaml | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/misconfiguration/springboot/springboot-heapdump.yaml b/misconfiguration/springboot/springboot-heapdump.yaml index 7b7c658e58..6e544e8135 100644 --- a/misconfiguration/springboot/springboot-heapdump.yaml +++ b/misconfiguration/springboot/springboot-heapdump.yaml @@ -28,7 +28,6 @@ requests: - "application/octet-stream" - "application/vnd.spring-boot.actuator" - "application/vnd.spring-boot.actuator.v1+json" - - "hprof" condition: or part: header - type: dsl @@ -36,3 +35,4 @@ requests: - "len(body) >= 100000" - "content_length >= 100000" condition: or + part: header diff --git a/workflows/springboot-workflow.yaml b/workflows/springboot-workflow.yaml index cbe1780223..110835f2f1 100644 --- a/workflows/springboot-workflow.yaml +++ b/workflows/springboot-workflow.yaml 
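Review bot: Gating the workflow on `technologies/detect-springboot-actuator.yaml` narrows coverage, because that template requests only `{{BaseURL}}/actuator` while every template under `misconfiguration/springboot/` also probes a root-level path such as `{{BaseURL}}/env`. A host exposing only the root-level endpoints would fail the gate, and none of the subtemplates would run through this workflow. The hunk also drops the `cves/2018/CVE-2018-1271.yaml` and `cves/2020/CVE-2020-5410.yaml` entries without explanation; a line in the commit message would help. The workflow's `info:` block starts outside the hunk.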
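Review bot: `part: header` is added to the `dsl` matcher, whose expressions already name what they inspect (`len(body)` and `content_length`). The key is therefore either ignored or, depending on how the engine resolves parts, could stop the size check from evaluating as intended. It looks like a stray copy of the `part: header` that the preceding header word matcher already carries, as the first hunk of this file shows. I would remove the added line.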
@@ -10,6 +10,9 @@ info: workflows: - - template: technologies/detect-springboot-actuator.yaml + - template: misconfiguration/springboot-detect.yaml subtemplates: - - template: misconfiguration/springboot/ \ No newline at end of file + - template: cves/2018/CVE-2018-1271.yaml + - template: cves/2018/CVE-2018-1271.yaml + - template: cves/2020/CVE-2020-5410.yaml + - template: vulnerabilities/springboot/ \ No newline at end of file
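Review bot: The workflow's entry template is set to `misconfiguration/springboot-detect.yaml`, a file that patch 1/7 of this series deletes, so as far as the visible patches show the gate no longer resolves to a template. `cves/2018/CVE-2018-1271.yaml` is also listed twice. The `misconfiguration/springboot/` directory created earlier in the series is no longer referenced, so none of the new templates run from this workflow. I would point the gate at a template that exists, list each subtemplate once, and add `- template: misconfiguration/springboot/`.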