keyhacks icon indicating copy to clipboard operation
keyhacks copied to clipboard

Published 20 hours ago verified publisher icon streaak

add apigee client id and secret

Open w1th0ut opened this issue 3 years ago • 1 comments

Hello, I have suggestion add apigee client id and secret. With client id and secret, we can gain full access to apigee service of that company who leak id and secret. No regex for hunting client id and secret but there is

curl -I -H 'Content-Type: application/x-www-form-urlencoded' -X POST 'https://company.apigee.net/oauth/accesstoken' -d 'grant_type=client_credentials&client_id=xxx&client_secret=yyy'

Client id always longer than client secret.

{
    "token": "xxx",
    "access_token": "xxx",
    "issued_at": "00000",
    "expires_in": "00000"
}

Access token will look like jwt token, so decode it and find this:

{
  "access_token": "agGEHDkB7WRDYNbVJ1VVbAjzGTi4",
  "audience": "",
  "api_product_list": [
  ],

Use this key as bearer authorization to explore more deep.

But do not always following /oauth/accesstoken endpoint because some company using custom endpoint. Simple Regex to hunt apigee service of company: .*\.apigee\.net

reference: https://docs.apigee.com/api-platform/security/oauth/oauth-20-client-credentials-grant-type

w1th0ut avatar Sep 03 '21 13:09 w1th0ut

Hey @w1th0ut, Could you create a PR and reference this issue?

Thanks

streaak avatar Oct 02 '21 04:10 streaak