Automate Recon and scanning process with Vidoc. All security teams in one place
By kannthu
The "Google Cloud Access Token" module is designed to detect misconfigurations related to the exposure of Google Cloud access tokens. It targets Google Cloud environments and checks for the presence of SQLite access tokens. This module has a medium severity level.
If a misconfiguration is detected, it could potentially expose sensitive access tokens used in Google Cloud environments. This could lead to unauthorized access and potential data breaches.
The module works by sending HTTP requests to specific paths in the target environment, namely "/access_tokens.db" and "/.config/gcloud/access_tokens.db". It then applies matching conditions to determine if a misconfiguration is present.
The matching conditions for this module are as follows:
- The response body must contain the words "SQLite" and "access_token". - The response header must contain the word "application/octet-stream". - The response status code must be 200.If all of these conditions are met, the module will report a potential misconfiguration.