id: springboot-trace

info:
  name: Detect Springboot Trace Actuator
  author: that_juan_ & dwisiswant0 & wdahlenb
  severity: low
  description: View recent HTTP requests and responses

requests:
  - method: GET
    path:
      - "{{BaseURL}}/trace"
      - "{{BaseURL}}/actuator/trace"
      - "{{BaseURL}}/httptrace"
      - "{{BaseURL}}/actuator/httptrace"
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "traces"
          - "response"
          - "request"
          - "principal"
        condition: or
      - type: status
        status:
          - 200
      - type: word
        words:
          - "application/json"
          - "application/vnd.spring-boot.actuator"
          - "application/vnd.spring-boot.actuator.v1+json"
        condition: or
        part: header