57 lines
1.5 KiB
YAML
57 lines
1.5 KiB
YAML
id: springboot-actuators
|
|
|
|
info:
|
|
name: Detect the exposure of Springboot Actuators
|
|
author: that_juan_
|
|
severity: medium
|
|
|
|
requests:
|
|
- method: GET
|
|
path:
|
|
- "{{BaseURL}}/trace"
|
|
- "{{BaseURL}}/loggers"
|
|
- "{{BaseURL}}/autoconfig"
|
|
- "{{BaseURL}}/threaddump"
|
|
- "{{BaseURL}}/env"
|
|
- "{{BaseURL}}/management"
|
|
- "{{BaseURL}}/dump"
|
|
- "{{BaseURL}}/configprops"
|
|
- "{{BaseURL}}/mappings"
|
|
- "{{BaseURL}}/auditevents"
|
|
- "{{BaseURL}}/beans"
|
|
- "{{BaseURL}}/cloudfoundryapplication"
|
|
- "{{BaseURL}}//jolokia"
|
|
- "{{BaseURL}}/actuator"
|
|
- "{{BaseURL}}/actuator/auditevents"
|
|
- "{{BaseURL}}/actuator/beans"
|
|
- "{{BaseURL}}/actuator/health"
|
|
- "{{BaseURL}}/actuator/conditions"
|
|
- "{{BaseURL}}/actuator/configprops"
|
|
- "{{BaseURL}}/actuator/env"
|
|
- "{{BaseURL}}/actuator/dump"
|
|
- "{{BaseURL}}/actuator/threaddump"
|
|
- "{{BaseURL}}/actuator/flyway"
|
|
- "{{BaseURL}}/actuator/integrationgraph"
|
|
- "{{BaseURL}}//actuator/management"
|
|
- "{{BaseURL}}//actuator/jolokia"
|
|
matchers:
|
|
- type: regex
|
|
part: body
|
|
regex:
|
|
- "method"
|
|
- "spring"
|
|
- "TYPE"
|
|
- "system"
|
|
- "database"
|
|
- "cron"
|
|
condition: or
|
|
- type: status
|
|
status:
|
|
- 200
|
|
- type: word
|
|
words:
|
|
- "application/json"
|
|
- "hprof"
|
|
condition: or
|
|
part: header
|