Detected exposed VS Code MCP (Model Context Protocol) configuration files (mcp.json) which may contain sensitive information including API keys, server endpoints, authentication tokens, and tool configurations for AI assistants and language models.
PoC code [public]
id: vscode-mcp-json
info:
  name: Visual Studio Code MCP Configuration ("mcp.json") Exposure
  author: DhiyaneshDk
  severity: low
  description: |
    Detected exposed VS Code MCP (Model Context Protocol) configuration files (mcp.json) which may contain sensitive information including API keys, server endpoints, authentication tokens, and tool configurations for AI assistants and language models.
  reference:
    - https://code.visualstudio.com/docs/copilot/chat/mcp-servers
    - https://modelcontextprotocol.io/
  metadata:
    verified: true
    max-request: 2
    shodan-query: html:"mcp.json"
  tags: exposure,vscode,config,mcp
http:
  - method: GET
    path:
      - "{{BaseURL}}/mcp.json"
      - "{{BaseURL}}/.mcp.json"
    stop-at-first-match: true
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"mcpServers": {'
          - '"args":'
        condition: and
      - type: status
        status:
          - 200
# digest: 490a004630440220307b780da80fbc2453156cc9f9470957c06729bf4177744e5fcf33e34698f01a02206fdb824176b18a1b93aaf942ce888074502740868bafac3b2e574dfcdbadc9e2:922c64590222798bb761d5b6d8e72950
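A pre-deployment audit for the same exposure, added here as an example and not part of the template or its author's code: it walks a directory that is served over HTTP (the whole tree, which goes beyond the two root paths the template requests), parses any mcp.json or .mcp.json as JSON, and reports the server names and the names of their env keys without printing values. The function names, the sample file and its contents are constructed for illustration; `template_would_match` shows whether the template's literal word matcher would have flagged the same file.

```python
import json
import os
import tempfile

MCP_NAMES = {"mcp.json", ".mcp.json"}  # file names the template requests

def template_words_match(body):
    """The template's word matcher: both literal strings must be in the body."""
    return '"mcpServers": {' in body and '"args":' in body

def audit_web_root(root):
    """Find MCP configs under a served directory; report env key names, never values."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(MCP_NAMES.intersection(files)):
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8") as fh:
                    body = fh.read()
                doc = json.loads(body)
            except (OSError, ValueError):
                continue  # unreadable or not valid JSON
            servers = doc.get("mcpServers") if isinstance(doc, dict) else None
            if not isinstance(servers, dict):
                continue
            for server, cfg in servers.items():
                env = cfg.get("env") if isinstance(cfg, dict) else None
                findings.append({
                    "file": os.path.relpath(path, root),
                    "server": server,
                    "env_keys": sorted(env) if isinstance(env, dict) else [],
                    "template_would_match": template_words_match(body),
                })
    return findings

def demo():
    """Constructed sample: a minified .mcp.json left in a web root."""
    sample = ('{"mcpServers":{"docs":{"command":"npx","args":["-y","example-server"],'
              '"env":{"EXAMPLE_API_KEY":"constructed-placeholder"}}}}')
    with tempfile.TemporaryDirectory() as root:
        with open(os.path.join(root, ".mcp.json"), "w", encoding="utf-8") as fh:
            fh.write(sample)
        return audit_web_root(root)

if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

The constructed sample is minified, so the literal string `"mcpServers": {` (with a space) is absent and `template_would_match` is False even though the file carries a server definition; a clean scan result is not proof that no MCP configuration is being served.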