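# Two-step exposure check: request 1 looks for a Stripe secret key in the body
# served at the target's base URL; request 2 presents that key to the Stripe
# API to confirm it is still accepted. A result is reported only when both
# steps succeed, and the reported value is the key itself.
#
# NOTE(review): the trailing `# digest:` signature was computed over the
# original template text; re-sign the template after applying any edit here.
id: stripe-secret-key

info:
  name: Stripe Secret Key Disclosure
  author: Ice3man
  severity: high
  reference:
    - https://stripe.com/docs/keys
  metadata:
    max-request: 2
    verified: true
  tags: exposure,token,stripe,vuln

# http(2) runs only when http(1) matched, so Stripe is never contacted unless
# a key-shaped string was found on the target.
flow: http(1) && http(2)

http:
  - method: GET
    path:
      - "{{BaseURL}}"

    matchers:
      # Named `token` so the verification request can reference {{token}}.
      # NOTE(review): confirm that a named matcher exposes its matched value
      # to later requests in this engine version; an internal extractor with
      # the same name is the documented way to pass a value forward.
      - type: regex
        part: body
        name: token
        regex:
          # `{24,}` rather than `{24}`: Stripe has issued keys longer than the
          # original 24-character form, and an exact-length pattern would
          # capture only a truncated prefix that then fails verification.
          - 'sk_(?:live|test)_[0-9a-zA-Z]{24,}'
        # Presumably keeps this step out of the results on its own, so an
        # unverified key-shaped string is not reported - TODO confirm.
        internal: true

  # Verification step: a single read-only list call (limit=1) sent to Stripe,
  # not to the scanned host. The `@Host` annotation redirects the request and
  # disable-path-automerge keeps the target's path out of it.
  - raw:
      - |
        @Host: https://api.stripe.com:443
        GET /v1/charges?limit=1 HTTP/1.1
        Host: api.stripe.com
        Authorization: Bearer {{token}}

    disable-path-automerge: true
    matchers:
      # Requires HTTP 200 and two field names that appear in a charge object.
      # NOTE(review): a valid key on an account with no charges would return
      # an empty list and not match; treat a miss here as "unconfirmed", not
      # as proof that the key is revoked.
      - type: dsl
        dsl:
          - 'status_code == 200'
          - 'contains(body, "billing_details") && contains(body, "balance_transaction")'
        condition: and

    extractors:
      # Writes the full secret key into the scan output. Store and share the
      # results as credentials, and have the key rolled once it is confirmed.
      - type: dsl
        dsl:
          - token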
# digest: 490a00463044022035f16851a1b6c8fd23b47e948d006e38fc27a356ac0a1ae81e038e3c6a519a6502200264d1e36efe81394c937ff0a65c1071732ec9c138bae65444c0f78c5fadce62:922c64590222798bb761d5b6d8e72950