Use when performing penetration testing targeting information disclosure and sensitive data exposure vulnerabilities. Keywords: information disclosure, sensitive data exposure, credential leak, API key exposure, directory listing, error message leakage, debug info, cleartext storage
설치
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
Use when performing penetration testing targeting information disclosure and sensitive data exposure vulnerabilities. Keywords: information disclosure, sensitive data exposure, credential leak, API key exposure, directory listing, error message leakage, debug info, cleartext storage
Information Disclosure Penetration Testing Patterns
当对 Web 应用进行信息泄露渗透测试时加载此 Skill。覆盖凭证泄露、敏感数据暴露、目录列举、错误信息泄露等。
Attack Surface Discovery
高风险区域:
公开代码仓库:GitHub/GitLab commit 历史中的 API key、token、密码
CI/CD 日志:构建日志中暴露的环境变量、凭证
错误页面:详细的 stack trace、数据库连接字符串、内部 IP
API 响应:多余字段泄露(password_hash、internal_id、admin_email)
Case 1: Bykea — Critical Information Disclosure via /talos/api/v1/files/upload
严重度: Critical | CWE: Inclusion of Sensitive Information in an Include File
摘要: A vulnerability was discovered in the file upload functionality, where uploaded files were first stored on the server before being sent to S3. Due to a configuration flaw, memory chunks from the serve...
Case 2: HackerOne — The /reports/:id.json endpoint discloses potentially sensitive user attributes when reporter summary is present
严重度: Critical | CWE: Information Disclosure
摘要: The /reports/:id.json endpoint disclosed potentially sensitive user attributes, including the reporter's email, OTP backup codes, phone number, graphql_secret_token, and t-shirt size when a reporter s...
Case 3: HackerOne — Creation of bounties through Customer API leads to private email disclosure
严重度: Critical | CWE: Information Disclosure
摘要: The creation of bounties through the Customer API led to the disclosure of private email addresses. The vulnerability was demonstrated by using both the API and GraphQL requests to award a program bou...
Case 4: Khan Academy — Unauthorized Account Access via Leaked Credentials in URL Format (Account Takeover )
严重度: Critical | CWE: Cleartext Storage of Sensitive Information
摘要: The vulnerability allowed attackers to access user accounts on khanAcademy.com using leaked credentials that were publicly available. The credentials were found in clear text format on a third-party w...
Case 5: Mars — Datadog api keys exposed can be used to do all the read and write access to the instance
严重度: Critical | CWE: Information Disclosure
摘要: A vulnerability was identified where Datadog API keys were exposed in a JavaScript file, which could have enabled unauthorized access to Datadog services. The issue was responsibly disclosed along wit...
Case 6: Mozilla — Netlify Authentication Token Exposed in Public Mozilla CI Logs
严重度: Critical | CWE: Information Disclosure
摘要: A critical vulnerability was discovered involving the exposure of a Netlify authentication token within publicly accessible logs. The token provided full access to the "Mozilla IT Web SRE" Netlify acc...
Case 7: Mozilla — two aws access key and secret key and database username and password exposed
严重度: Critical | CWE: Information Disclosure
摘要: A security vulnerability was identified in a Docker image hosted on Docker Hub. The image, associated with Mozilla's Common Voice project, was found to contain exposed AWS access keys, AWS secret keys...
Case 8: Mozilla — Jira Credential Disclosure within Mozilla Slack
严重度: Critical | CWE: Information Disclosure
摘要: The Jira admin API keys were disclosed within a Mozilla Slack channel by a staff member. The exposed credentials allowed for the verification of the user's elevated privileges, including being a Jira ...
Case 9: Mozilla — Mozilla Employee's Token for sql.telemetry.mozilla.org Exposed in Git Commit
严重度: Critical | CWE: Cleartext Storage of Sensitive Information
摘要: A Mozilla employee's API token was exposed in a GitHub repository, granting access to confidential data. The token was rotated and removed from the service.
Case 10: Mozilla — Mozilla FuzzManager API Token Exposed in Git Commit
严重度: Critical | CWE: Cleartext Storage of Sensitive Information
摘要: An API token for a Mozilla fuzzing service was exposed in a GitHub repository commit. The token provided read-write access to internal fuzzing data. The token was rotated and configured for write-only...