By kannthu
The "Google Api Private Key" module is designed to detect misconfigurations related to the exposure of Google API private keys. It targets cloud-based applications that utilize Google services. This module has a medium severity level.
Exposed Google API private keys can give attackers unauthorized access to sensitive data and resources in cloud-based applications and services that rely on Google APIs. This can result in data breaches, unauthorized data modifications, and other security incidents.
The "Google Api Private Key" module works by sending HTTP requests to specific paths where Google API private keys might be exposed. It then applies matching conditions to determine if a misconfiguration is present. The module checks for the presence of specific words, such as "private_key_id" and "private_key," in the response body. Additionally, it verifies that the HTTP response status is 200, indicating a successful request.
Here is an example of an HTTP request sent by the module:
GET /google-api-private-key.json
The module uses the following matching conditions:
- The response body must contain both "private_key_id" and "private_key" words.
- The HTTP response status must be 200.

If these conditions are met, the module reports a vulnerability, indicating that a Google API private key is exposed and requires immediate attention to prevent potential security risks.
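The same two matching conditions can be run against your own static web root before deployment. The following is an added example, not the module's own code; the names module_would_match, looks_like_real_key and scan_webroot are hypothetical, and the stricter JSON/PEM check goes beyond what the module does and is an assumption about how to triage its findings.

```python
import json
import os
import tempfile

# Words the module requires in the response body (taken from the page).
REQUIRED_WORDS = ("private_key_id", "private_key")

def module_would_match(status, body):
    """The page's conditions: HTTP 200 and both words present in the body.
    With substring matching, "private_key_id" alone satisfies both words."""
    return status == 200 and all(w in body for w in REQUIRED_WORDS)

def looks_like_real_key(body):
    """Stricter triage (assumption, not part of the module): valid JSON whose
    private_key holds PEM text, to separate key files from docs and templates."""
    try:
        data = json.loads(body)
    except ValueError:
        return False
    if not isinstance(data, dict):
        return False
    key = data.get("private_key")
    return bool(data.get("private_key_id")) and isinstance(key, str) and "-----BEGIN" in key

def scan_webroot(root):
    """Return sorted (relative_path, confirmed) for each file under a static
    web root that the module would flag if the server returned it."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                body = fh.read()
            if module_would_match(200, body):  # static files are served with 200
                findings.append((os.path.relpath(path, root), looks_like_real_key(body)))
    return sorted(findings)

def demo():
    """Constructed web root: one key-shaped file, one README naming the fields."""
    fake = {"private_key_id": "constructed-id",
            "private_key": "-----BEGIN PRIVATE KEY-----\nCONSTRUCTED\n-----END PRIVATE KEY-----\n"}
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, "google-api-private-key.json"), "w") as fh:
            json.dump(fake, fh)
        with open(os.path.join(root, "README.txt"), "w") as fh:
            fh.write("Store private_key_id and private_key in a secrets manager.")
        return scan_webroot(root)

if __name__ == "__main__":
    print(demo())
```

Files reported with confirmed set to True should be removed from the web root and the key rotated; entries with False matched the words only and need a manual look.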