nuclei-templates/security-misconfiguration/springboot-detect.yaml

57 lines
1.5 KiB
YAML

id: springboot-actuators
info:
name: Detect the exposure of Springboot Actuators
author: that_juan_
severity: medium
requests:
- method: GET
path:
- "{{BaseURL}}/trace"
- "{{BaseURL}}/loggers"
- "{{BaseURL}}/autoconfig"
- "{{BaseURL}}/threaddump"
- "{{BaseURL}}/env"
- "{{BaseURL}}/management"
- "{{BaseURL}}/dump"
- "{{BaseURL}}/configprops"
- "{{BaseURL}}/mappings"
- "{{BaseURL}}/auditevents"
- "{{BaseURL}}/beans"
- "{{BaseURL}}/cloudfoundryapplication"
- "{{BaseURL}}//jolokia"
- "{{BaseURL}}/actuator"
- "{{BaseURL}}/actuator/auditevents"
- "{{BaseURL}}/actuator/beans"
- "{{BaseURL}}/actuator/health"
- "{{BaseURL}}/actuator/conditions"
- "{{BaseURL}}/actuator/configprops"
- "{{BaseURL}}/actuator/env"
- "{{BaseURL}}/actuator/dump"
- "{{BaseURL}}/actuator/threaddump"
- "{{BaseURL}}/actuator/flyway"
- "{{BaseURL}}/actuator/integrationgraph"
- "{{BaseURL}}//actuator/management"
- "{{BaseURL}}//actuator/jolokia"
matchers:
- type: regex
part: body
regex:
- 'method'
- 'spring'
- 'TYPE'
- 'system'
- 'database'
- 'cron'
condition: or
- type: status
status:
- 200
- type: word
words:
- 'application/json'
- 'hprof'
condition: or
part: header