DigitalOcean Key Exposure via Axiom
ID: axiom-digitalocean-key-exposure
Severity: critical
Author: geeknik
Tags: axiom,digitalocean,key,exposure
Description
Section titled “Description”Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments.
YAML Source
Section titled “YAML Source”id: axiom-digitalocean-key-exposure
info: name: DigitalOcean Key Exposure via Axiom author: geeknik severity: critical description: Axiom is a dynamic infrastructure framework to efficiently work with multi-cloud environments. remediation: Restrict access to the do.json file or upgrade to a newer version of Axiom reference: - https://github.com/pry0cc/axiom classification: cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.8 cwe-id: CWE-425 metadata: max-request: 1 tags: axiom,digitalocean,key,exposure
http: - method: GET path: - "{{BaseURL}}/.axiom/accounts/do.json"
matchers-condition: and matchers: - type: status status: - 200
- type: word words: - '"do_key"' - '"region"' - '"provider"' condition: and
extractors: - type: regex part: body regex: - '\"do_key\"\: .*'# digest: 490a0046304402204817ea16ddcbdef2edca8de9c877bdc91a93d76d257c82cbedbea60820c5160302205b72ff0e2073660fee884e5c2a008e43701e090b49e2f3a7d69f1db6d3d859a6:922c64590222798bb761d5b6d8e72950Guide to check the vulnerabilities
Section titled “Guide to check the vulnerabilities”This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.
$ nuclei -u "URL" -t "http/exposures/tokens/digitalocean/axiom-digitalocean-key-exposure.yaml"