Vulnerability Description
Detects Elastic Cloud API keys used for programmatic access to the Elastic Cloud and serverless APIs.
id: elastic-cloud-api-key

info:
  name: Elastic Cloud API Key Detection
  author: Chemo850
  severity: high
  description: |
    Detects Elastic Cloud API keys used for programmatic access to the Elastic Cloud and serverless APIs.
  reference:
    - https://www.elastic.co/docs/deploy-manage/api-keys/elastic-cloud-api-keys
  metadata:
    verified: true
    max-request: 1
  tags: elastic,exposure,tokens,vuln

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - "essu_"

      - type: regex
        part: body
        regex:
          - essu_[A-Za-z0-9+/]{80}AAAAA[A-Za-z0-9+/=]{7}

    extractors:
      - type: regex
        part: body
        regex:
          - essu_[A-Za-z0-9+/]{80}AAAAA[A-Za-z0-9+/=]{7}
# digest: 490a0046304402202380aa1c2c2feff8ff162e226a268e56e239482020ac77c8535921f94725ae3e02200c2685ebd301a90383152f6ab71ed180fe8bd33fd9d45a6bc836d453b847f87c:922c64590222798bb761d5b6d8e72950
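
The template's matching logic (word matcher AND regex matcher, then the extractor) can be reproduced offline to check your own build output or stored response bodies before they are published. This is an added example, not part of the template or the author's code; the function names are hypothetical and every key-like value is constructed for the demonstration.

```python
import re

# Same pattern as the template's regex matcher and extractor.
KEY_RE = re.compile(r"essu_[A-Za-z0-9+/]{80}AAAAA[A-Za-z0-9+/=]{7}")
PREFIX = "essu_"  # the template's word matcher


def find_keys(body: str) -> list[str]:
    """Mirror 'matchers-condition: and': prefix word AND full regex."""
    if PREFIX not in body:
        return []
    return KEY_RE.findall(body)


def redact(key: str) -> str:
    """Keep only enough of a finding to identify it in a ticket or log."""
    return f"{key[:9]}...{key[-4:]} (len={len(key)})"


def scan(bodies: dict[str, str]) -> dict[str, list[str]]:
    """Return redacted, de-duplicated findings per source; clean sources are omitted."""
    report = {}
    for name, body in bodies.items():
        hits = find_keys(body)
        if hits:
            report[name] = [redact(k) for k in sorted(set(hits))]
    return report


# Constructed sample values, not real credentials.
FAKE_KEY = PREFIX + "abcdEFGH0123+/xy" * 5 + "AAAAA" + "ZmFrZQ="
SHORT_KEY = PREFIX + "abcdEFGH0123+/xy" * 4 + "AAAAA" + "ZmFrZQ="

SAMPLES = {
    # Key embedded twice in a client bundle: reported once.
    "app.js": f'const a = "{FAKE_KEY}"; const b = "{FAKE_KEY}";',
    # Prefix present but no key: word matcher passes, regex matcher fails.
    "style.css": ".essu_banner { display: none }",
    # Truncated value: too few characters before the AAAAA marker.
    "truncated.txt": f"apiKey={SHORT_KEY}",
    # No prefix at all.
    "index.html": "<html><body>hello</body></html>",
}

if __name__ == "__main__":
    for source, findings in scan(SAMPLES).items():
        print(source, findings)
```

Because the regex is unanchored and fixed-length, a truncated or re-wrapped key is not reported, so a clean result here does not prove that no partial credential is exposed.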