Skip to content

Instantly share code, notes, and snippets.

View Nguyen-Trung-Kien's full-sized avatar
❤️‍🔥
chào

Nguyễn Trung Kiên Nguyen-Trung-Kien

❤️‍🔥
chào
12 followers · 28 following
View GitHub Profile
@Nguyen-Trung-Kien
Nguyen-Trung-Kien / ServiceNow_Sensitive_Info_Exposure.md
Created July 1, 2024 08:53 — forked from win3zz/ServiceNow_Sensitive_Info_Exposure.md
ServiceNow Instance Exposing Sensitive Information via Unauthenticated Endpoints

ServiceNow Instance Exposing Sensitive Information via Unauthenticated Endpoints

  • Date: 26 June 2023
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
  • Discovered by: Bipin Jitiya (@win3zz)

Summary

[REDACTED], Inc., uses ServiceNow with an instance named "[REDACTED]" accessible at https://[REDACTED].service-now.com/. Upon reviewing this instance, I observed that it is not sufficiently hardened for security, and some endpoints are exposing sensitive information. The following three endpoints, designed for performance monitoring, logging, and troubleshooting purposes, are accessible without authentication:

@Nguyen-Trung-Kien
Nguyen-Trung-Kien / List of API endpoints & objects
Created May 27, 2024 09:01 — forked from yassineaboukir/List of API endpoints & objects
A list of 3203 common API endpoints and objects designed for fuzzing.
0
00
01
02
03
1
1.0
10
100
1000
@Nguyen-Trung-Kien
Nguyen-Trung-Kien / cloud_metadata.txt
Created July 25, 2023 03:00 — forked from jhaddix/cloud_metadata.txt
Cloud Metadata Dictionary useful for SSRF Testing
## AWS
# from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories
http://169.254.169.254/latest/user-data
http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/iam/security-credentials/[ROLE NAME]
http://169.254.169.254/latest/meta-data/ami-id
http://169.254.169.254/latest/meta-data/reservation-id
http://169.254.169.254/latest/meta-data/hostname
http://169.254.169.254/latest/meta-data/public-keys/0/openssh-key
@Nguyen-Trung-Kien
Nguyen-Trung-Kien / zendesk_endpoints.txt
Created July 18, 2023 15:38 — forked from win3zz/zendesk_endpoints.txt
List of Zendesk API Endpoints for Fuzzing [Penetration Testing]
POST /api/v2/accounts
GET /api/v2/activities?since=cstest
GET /api/v2/audit_logs?filter[source_type]=cstest&filter[source_id]=1&filter[actor_id]=1&filter[ip_address]=cstest&filter[created_at]=cstest&filter[action]=cstest&sort_by=cstest&sort_order=cstest&sort=cstest
GET /api/v2/automations
POST /api/v2/automations
GET /api/v2/bookmarks
POST /api/v2/bookmarks
GET /api/v2/brands
POST /api/v2/brands
GET /api/v2/custom_objects