Scanning 2.6 Million Domains for Exposed .Env Files

Written by sdcat | Published 2022/11/10
Tech Story Tags: environment-variables | devops | software-development | cyber-security | database | cybersecurity | debugging | hackernoon-top-story

TL;DR: A software developer scanned 2.6 million domains for exposed .env files. He found 135 database users and passwords, 48 e-mail user accounts with passwords, 11 live credentials for payment providers (like Stripe or PayPal), 98 secret tokens for different APIs and 128 app secrets. The dangerous aspect is that the passwords and secrets are in unencrypted form in the .env file. When the web server is misconfigured and this .env file is delivered by the web server, anyone can query this data.
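To check your own deployment for the condition described above, the following added example (not code from the article or its author) walks a directory that a web server publishes and reports every dotenv file in it, together with the names, never the values, of variables that look like credentials. The function names and the key-name pattern are assumptions made for illustration, and the sample files are constructed.

```python
import os
import re
import tempfile

# Key names that usually hold credentials (assumed heuristic, not from the article).
SECRET_KEY = re.compile(r"(PASS|SECRET|TOKEN|API_?KEY|PRIVATE|DATABASE_URL)", re.I)
ENV_NAME = re.compile(r"^\.env(\..+)?$")  # .env, .env.local, .env.production
ASSIGN = re.compile(r"^\s*(?:export\s+)?([A-Za-z_][A-Za-z0-9_]*)\s*=\s*(.*)$")


def secret_keys(text):
    """Return names of non-empty, secret-looking variables; values are never returned."""
    found = []
    for line in text.splitlines():
        m = ASSIGN.match(line)  # comment lines start with '#' and do not match
        if m and SECRET_KEY.search(m.group(1)) and m.group(2).strip().strip("'\""):
            found.append(m.group(1))
    return found


def audit_docroot(docroot):
    """Map each dotenv file under the served directory to its secret-looking keys."""
    report = {}
    for base, _dirs, files in os.walk(docroot):
        for name in files:
            if ENV_NAME.match(name):
                path = os.path.join(base, name)
                rel = os.path.relpath(path, docroot).replace(os.sep, "/")
                with open(path, encoding="utf-8", errors="replace") as fh:
                    report[rel] = secret_keys(fh.read())
    return report


def demo():
    """Build a constructed document root and audit it."""
    files = {".env": "# constructed sample\nAPP_ENV=production\nDB_PASSWORD=example-only\n"
                     "export STRIPE_SECRET='sk_placeholder'\nMAIL_PASSWORD=\n",
             "api/.env.local": "API_TOKEN=constructed\n", "index.html": "<h1>ok</h1>"}
    with tempfile.TemporaryDirectory() as root:
        for rel, body in files.items():
            path = os.path.join(root, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "w", encoding="utf-8") as fh:
                fh.write(body)
        return audit_docroot(root)


if __name__ == "__main__":
    print(demo())
```

Any path in the report is a file the server could hand out if dotfiles are not blocked; the durable fix is to keep the .env file outside the published directory and rotate whatever secrets it held.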


Written by sdcat | Software developing cat
Published by HackerNoon on 2022/11/10