This lab's verbose error messages reveal that it is using a vulnerable version of a third-party framework. To solve the lab, obtain and submit the version number of this framework.
While navigating the website thoroughly, I noticed a GET request that passes an ID parameter with an integer value:
GET /product?productId=1
To investigate potential vulnerabilities and assess how the application responds to unexpected input, I deliberately attempted to provoke an error by substituting a string for the integer in the parameter:
GET /product?productId="any_string"
The ensuing response was a verbose error message containing a full Java stack trace. To fulfill the lab requirements, all that remains is to locate and submit the version number shown at the bottom of the page.
Internal Server Error: java.lang.NumberFormatException: For input string: "any_string"
at java.base/java.lang.NumberFormatException.forInputString(NumberFormatException.java:67)
at java.base/java.lang.Integer.parseInt(Integer.java:668)
at java.base/java.lang.Integer.parseInt(Integer.java:786)
at lab.e.q.i.x.w(Unknown Source)
at lab.y.v8.z.k.W(Unknown Source)
at lab.y.v8.y.y.g.N(Unknown Source)
at lab.y.v8.y.t.lambda$handleSubRequest$0(Unknown Source)
at k.e.w.z.lambda$null$3(Unknown Source)
at k.e.w.z.f(Unknown Source)
at k.e.w.z.lambda$uncheckedFunction$4(Unknown Source)
at java.base/java.util.Optional.map(Optional.java:260)
at lab.y.v8.y.t.Y(Unknown Source)
at lab.server.b.f.x.W(Unknown Source)
at lab.y.v8.b.t(Unknown Source)
at lab.y.v8.b.W(Unknown Source)
at lab.server.b.f.i.a.H(Unknown Source)
at lab.server.b.f.i.z.lambda$handle$0(Unknown Source)
at lab.e.i.y.w.I(Unknown Source)
at lab.server.b.f.i.z.H(Unknown Source)
at lab.server.b.f.b8.M(Unknown Source)
at k.e.w.z.lambda$null$3(Unknown Source)
at k.e.w.z.f(Unknown Source)
at k.e.w.z.lambda$uncheckedFunction$4(Unknown Source)
at lab.server.l.A(Unknown Source)
at lab.server.b.f.b8.h(Unknown Source)
at lab.server.b.x.m.t(Unknown Source)
at lab.server.b.w.c(Unknown Source)
at lab.server.b.r.c(Unknown Source)
at lab.server.zn.o(Unknown Source)
at lab.server.zn.c(Unknown Source)
at lab.r.y.lambda$consume$0(Unknown Source)
at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
at java.base/java.lang.Thread.run(Thread.java:833)
Apache Struts 2 2.3.31
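
From the defender's side, this class of disclosure can be caught before release by checking error responses for stack frames, exception class names and version banners. The following is an added example, not part of the original write-up; the function names and the sample bodies (a shortened excerpt of the response above and a constructed generic error) are assumptions for illustration.

```python
import re

# One Java stack frame per line: "at pkg.Class.method(File.java:NN)" or "(Unknown Source)".
FRAME = re.compile(
    r"^[ \t]*at[ \t]+[\w.$/<>]+\((?:[\w$]+\.java:\d+|Unknown Source|Native Method)\)[ \t]*$",
    re.M,
)
# Fully qualified exception or error class, e.g. java.lang.NumberFormatException.
EXCEPTION = re.compile(r"\b(?:[a-z_][\w$]*\.)+[A-Z][\w$]*(?:Exception|Error)\b")
# A line that is only "<Product name> <dotted version>" (heuristic, may need tuning).
BANNER = re.compile(
    r"^[ \t]*([A-Z][A-Za-z]+(?: [A-Za-z0-9]+)*?) (\d+(?:\.\d+){1,3})[ \t]*$", re.M
)


def find_leaks(body: str) -> dict:
    """Return what an HTTP response body exposes about server internals."""
    return {
        "stack_frames": len(FRAME.findall(body)),
        "exceptions": sorted(set(EXCEPTION.findall(body))),
        "version_banners": [f"{name} {ver}" for name, ver in BANNER.findall(body)],
    }


def is_verbose_error(status: int, body: str) -> bool:
    """True when an error response (4xx/5xx) carries any of the leak indicators."""
    leaks = find_leaks(body)
    return status >= 400 and bool(
        leaks["stack_frames"] or leaks["exceptions"] or leaks["version_banners"]
    )


# Constructed sample: shortened excerpt of the lab response shown above.
LEAKY = """Internal Server Error: java.lang.NumberFormatException: For input string: "any_string"
at java.base/java.lang.NumberFormatException.forInputString(NumberFormatException.java:67)
at java.base/java.lang.Integer.parseInt(Integer.java:668)
at lab.e.q.i.x.w(Unknown Source)
at java.base/java.lang.Thread.run(Thread.java:833)
Apache Struts 2 2.3.31"""

# Constructed sample: what a hardened handler might return instead (details logged server-side).
GENERIC = "Invalid product ID. Reference: 7f3a9c"

if __name__ == "__main__":
    print(find_leaks(LEAKY))
    print(is_verbose_error(500, LEAKY), is_verbose_error(400, GENERIC))
```

Run against every error path in an integration test suite, a check like this fails the build when a handler starts returning raw exceptions instead of a generic message.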