Detect Springboot Actuators

ID: springboot-actuator

Severity: info

Author: that_juan_,dwisiswant0,wdahlenb,dr0pd34d

Tags: tech,springboot,actuator

Description

YAML Source

id: springboot-actuator

info:
  name: Detect Springboot Actuators
  author: that_juan_,dwisiswant0,wdahlenb,dr0pd34d
  severity: info
  metadata:
    max-request: 4
    shodan-query: http.favicon.hash:116323821
  tags: tech,springboot,actuator

http:
  - method: GET
    path:
      - "{{BaseURL}}"
      - "{{BaseURL}}/actuator"
      - "{{BaseURL}}/favicon.ico"
      - "{{BaseURL}}/actuator/favicon.ico"

    stop-at-first-match: true

    matchers-condition: or
    matchers:
      - type: word
        part: body
        words:
          - '"_links":'
          - '"self":'
          - '"health"'
        condition: and

      - type: dsl
        name: "favicon"
        dsl:
          - "status_code==200 && (\"116323821\" == mmh3(base64_py(body)))"

    extractors:
      - type: json
        name: available-endpoints
        json:
          - .[] | to_entries | .[].key
# digest: 4b0a00483046022100f16865bd14a80062c74f84d82ec7793f1326b2058e69a397003523c61f567766022100e5a772776b344f1075424837940edcbcc7afba29249d05cbaf21de0f045a0f31:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

$ nuclei -u "URL" -t "http/technologies/springboot-actuator.yaml"

View on Github