Vulnerability description
Spring Boot Metrics Actuator endpoint was detected, which may expose system metrics information. This template detects both older Spring Boot 1.x format and newer 2.x/3.x format.
id: springboot-metrics

info:
  name: Springboot Actuator Metrics - Exposure
  author: pussycat0x,TheZakMan
  severity: low
  description: |
    Spring Boot Metrics Actuator endpoint was detected, which may expose system metrics information. This template detects both older Spring Boot 1.x format and newer 2.x/3.x format.
  metadata:
    verified: true
    max-request: 2
  tags: springboot,exposure,misconfig,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}/metrics"
      - "{{BaseURL}}/actuator/metrics"

    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: dsl
        dsl:
          - "contains_any(tolower(content_type), 'application/json', 'application/vnd.spring-boot')"
          - "status_code == 200"
        condition: and

      - type: word
        part: body
        words:
          - '{"mem":'
          - '{"heap":'
          - '{"nonheap":'
          - '{"threads":'
          - '{"gc":'
          - '{"names":['
          - '"jvm.memory'
          - '"process.cpu'
        condition: or
# digest: 4b0a00483046022100acefa4eb0e3499e4349c533ff17d228678a63f70d02c1ede45add55c52dfc68c022100dcdf4f72a00cdeaa8801daf8f9e76e472b832ff3116dcf7283aa10cadf4bfea5:922c64590222798bb761d5b6d8e72950
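To make the template's matcher logic concrete, the following Python script (added here as an illustration; it is not part of the nuclei template or the nuclei project) re-implements the two matchers over constructed sample responses, so the behaviour can be checked offline without touching any host. It assumes the `Response` dataclass, the `classify`/`first_match` helper names and the sample bodies, all of which are made up for this example. Splitting the body fragments into a "1.x" and a "2.x+" bucket is also an assumption made for readability: the template itself only ORs all eight fragments together.

```python
"""Offline re-implementation of the matcher logic in the nuclei template above.

Constructed sample responses (not captured from any real host) are run through
the same two matchers the template uses: a DSL matcher on status code and
Content-Type, and a word matcher on body fragments. Grouping the fragments into
"1.x" and "2.x+" buckets is an assumption made here for illustration only.
"""
from dataclasses import dataclass
from typing import Optional

# Content types accepted by the template's contains_any(tolower(content_type), ...)
JSON_CONTENT_TYPES = ("application/json", "application/vnd.spring-boot")

# Body fragments copied from the template, split by the actuator format they
# typically come from (assumption: the template does not make this split).
LEGACY_MARKERS = ('{"mem":', '{"heap":', '{"nonheap":', '{"threads":', '{"gc":')
MODERN_MARKERS = ('{"names":[', '"jvm.memory', '"process.cpu')


@dataclass
class Response:
    """Minimal stand-in for an HTTP response (hypothetical helper type)."""
    path: str
    status_code: int
    content_type: str
    body: str


def dsl_matcher(resp: Response) -> bool:
    """Equivalent of the dsl matcher: status 200 AND a JSON-like Content-Type."""
    ct = resp.content_type.lower()
    return resp.status_code == 200 and any(t in ct for t in JSON_CONTENT_TYPES)


def word_matcher(resp: Response) -> Optional[str]:
    """Equivalent of the word matcher (condition: or); returns which bucket fired."""
    if any(m in resp.body for m in LEGACY_MARKERS):
        return "spring-boot-1.x"
    if any(m in resp.body for m in MODERN_MARKERS):
        return "spring-boot-2.x+"
    return None


def classify(resp: Response) -> Optional[str]:
    """matchers-condition: and -> both matchers must fire for a finding."""
    if not dsl_matcher(resp):
        return None
    return word_matcher(resp)


def first_match(responses):
    """stop-at-first-match: report the first path that matches, then stop."""
    for resp in responses:
        verdict = classify(resp)
        if verdict:
            return resp.path, verdict
    return None


# Constructed samples in the order the template requests its two paths.
SAMPLES = [
    Response("/metrics", 404, "text/html", "<html>Not Found</html>"),
    Response("/actuator/metrics", 200,
             "application/vnd.spring-boot.actuator.v3+json",
             '{"names":["jvm.memory.max","process.cpu.usage"]}'),
]
# A 1.x-style body and a JSON body that is *not* a metrics listing.
LEGACY = Response("/metrics", 200, "application/json;charset=UTF-8",
                  '{"mem":512000,"heap":262144,"threads":42}')
HEALTH_ONLY = Response("/actuator/metrics", 200, "application/json",
                       '{"status":"UP"}')

if __name__ == "__main__":
    print(first_match(SAMPLES))                 # ('/actuator/metrics', 'spring-boot-2.x+')
    print(classify(LEGACY), classify(HEALTH_ONLY))  # spring-boot-1.x None
```

The `HEALTH_ONLY` case shows why the template needs both matchers joined with `and`: a JSON 200 response alone is not a finding, only one whose body carries one of the listed metrics fragments is. When triaging results from an asset inventory, the bucket returned by `word_matcher` tells you which configuration surface to fix (the 1.x `endpoints.*` properties versus the 2.x+ `management.endpoints.web.exposure.*` properties).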