Heap dumps contain a snapshot of all the live objects that are being used by a running Java application on the Java heap.
- Go to the following URL: $URL/actuator/heapdump
- This URL downloads a heap dump of the server
- Using a memory analyzer such as Eclipse Memory Analyzer, it is possible to read the file.
- Inside the file you can find sensitive information such as trustStorePassword (see screenshot)
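The endpoint described above is the Spring Boot Actuator heapdump endpoint, which is only reachable over HTTP when the application's exposure settings allow it. The following script is an added example (not part of the original report and not Spring Boot's own code): it applies Spring Boot's documented exposure rules (`exclude` wins over `include`, `*` selects every endpoint, `management.endpoint.<id>.enabled` switches an endpoint off) to a weak and a hardened `application.properties`, and then flags access-log lines showing a successful fetch of a sensitive actuator endpoint. The property files and log lines are constructed; the actuator base path of `/actuator` and the default web exposure of `health` are assumptions to confirm against your Boot version.

```python
"""Check whether a Spring Boot application.properties exposes the actuator
heapdump endpoint over HTTP, and flag access-log lines that show it being
fetched. Added example, not from the original report; sample properties
and log lines are constructed, not captured from a real system."""
import re

# Actuator endpoint ids whose output routinely contains secrets or PII.
SENSITIVE_ENDPOINTS = {"heapdump", "env", "threaddump", "configprops", "mappings", "beans"}

# Assumed default web exposure (Spring Boot 2.x documents `health`; older
# 2.x releases also exposed `info`). Confirm against your Boot version.
DEFAULT_WEB_INCLUDE = {"health"}

# Endpoint ids this check knows about; a real deployment may have more.
KNOWN_ENDPOINTS = frozenset(SENSITIVE_ENDPOINTS | {"health", "info"})


def parse_properties(text):
    """Minimal key=value parser for application.properties (comments skipped)."""
    props = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith(("#", "!")):
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props


def _csv(value):
    return {v.strip() for v in value.split(",") if v.strip()}


def web_exposed_endpoints(props):
    """Endpoint ids reachable over HTTP under Spring Boot's exposure rules."""
    if "management.endpoints.web.exposure.include" in props:
        include = _csv(props["management.endpoints.web.exposure.include"])
    else:
        include = DEFAULT_WEB_INCLUDE
    exclude = _csv(props.get("management.endpoints.web.exposure.exclude", ""))
    if "*" in exclude:           # exclude takes precedence over include
        return set()
    candidates = set(KNOWN_ENDPOINTS) if "*" in include else include & KNOWN_ENDPOINTS
    enabled_default = props.get("management.endpoints.enabled-by-default", "true").lower() == "true"
    exposed = set()
    for ep in candidates - exclude:
        flag = props.get(f"management.endpoint.{ep}.enabled", str(enabled_default)).lower()
        if flag == "true":
            exposed.add(ep)
    return exposed


# Apache/nginx combined log format: client, timestamp, request line, status, size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+)'
)


def find_actuator_hits(log_lines, base_path="actuator"):
    """Return (client, endpoint, timestamp) for each 200 response on a sensitive endpoint."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        parts = m.group("path").split("?", 1)[0].strip("/").split("/")
        if (len(parts) >= 2 and parts[0] == base_path
                and parts[1] in SENSITIVE_ENDPOINTS and m.group("status") == "200"):
            hits.append((m.group("ip"), parts[1], m.group("ts")))
    return hits


# Constructed sample inputs.
WEAK_PROPERTIES = """
# wildcard exposure puts heapdump (and env, threaddump, ...) on the web
management.endpoints.web.exposure.include=*
"""

HARDENED_PROPERTIES = """
management.endpoints.web.exposure.include=health,info
management.endpoint.heapdump.enabled=false
"""

SAMPLE_LOG = [
    '203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /actuator/heapdump HTTP/1.1" 200 48214019',
    '203.0.113.7 - - [10/Oct/2023:13:55:40 +0000] "GET /actuator/health HTTP/1.1" 200 15',
    '198.51.100.4 - - [10/Oct/2023:13:56:01 +0000] "GET /actuator/env HTTP/1.1" 401 0',
]

if __name__ == "__main__":
    print("weak config exposes:", sorted(web_exposed_endpoints(parse_properties(WEAK_PROPERTIES))))
    print("hardened config exposes:", sorted(web_exposed_endpoints(parse_properties(HARDENED_PROPERTIES))))
    for ip, ep, ts in find_actuator_hits(SAMPLE_LOG):
        print(f"ALERT {ts}: {ip} downloaded /actuator/{ep}")
```

The 401 on `/actuator/env` is deliberately not reported: only a 200 means the body left the server, which is the event worth paging on. A customized `management.endpoints.web.base-path` changes the prefix, so pass it as `base_path` if your deployment moved the actuator.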
This vulnerability allows any attacker to perform many severe attacks, such as:
- Leaking PII data
- Accessing all credentials from the application properties, such as admin credentials, Swagger credentials and billing credentials
- Obtaining database credentials
- Reading server environment variables
- Reading server configuration properties
- Manipulating payments and stealing money
- and more