id: springboot-configprops

info:
  name: Detect Springboot Configprops Actuator
  author: that_juan_,dwisiswant0,wdahlenb
  severity: low
  description: Sensitive environment variables may not be masked
  metadata:
    max-request: 2
  tags: springboot,exposure,misconfig

http:
  - method: GET
    path:
      - "{{BaseURL}}/configprops"
      - "{{BaseURL}}/actuator/configprops"

    stop-at-first-match: true

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "org.springframework.boot.actuate"
          - "beans"
          - "contexts"
        condition: and

      - type: status
        status:
          - 200

      - type: word
        words:
          - "application/json"
          - "application/vnd.spring-boot.actuator"
          - "application/vnd.spring-boot.actuator.v1+json"
        condition: or
        part: header

# digest: 4b0a00483046022100de778671099362e7bbae4ff422611ac686cee397df849b5a0c387a101eefe9da0221009c18715f4ab99ccbebcba20781c366e03b634a4c9364a72d44c1b98fa3ba45b4:922c64590222798bb761d5b6d8e72950