漏洞描述
Springboot Jolokia Actuator is exposed.
springboot-jolokia: Detects Springboot Jolokia Actuator
PoC代码[已公开]
id: springboot-jolokia
info:
name: Detects Springboot Jolokia Actuator
author: DhiyaneshDK
severity: low
description: Springboot Jolokia Actuator is exposed.
reference:
- https://raw.githubusercontent.com/maurosoria/dirsearch/master/db/dicc.txt
metadata:
verified: true
max-request: 2
shodan-query: title:"Eureka"
tags: misconfig,springboot,exposure,vuln
http:
- method: GET
path:
- "{{BaseURL}}/jolokia"
- "{{BaseURL}}/actuator/jolokia"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- '"config":{'
- '"agentId":"'
condition: and
- type: word
part: header
words:
- "application/json"
- "application/vnd.spring-boot.actuator"
- "application/vnd.spring-boot.actuator.v1+json"
- "application/vnd.spring-boot.actuator.v2+json"
- "application/vnd.spring-boot.actuator.v3+json"
- "text/plain"
condition: or
- type: status
status:
- 200
# digest: 490a0046304402202f947c88823cb5ec0b0e326936467ac0525bee5ec61e9ba1a21a5a8d018a61a80220741fcebde48c28ee20fd31bbabd5574e2f44413da1214b02fcb57bd8b1a1ce4c:922c64590222798bb761d5b6d8e72950