This endpoint returns full application config including AWS keys and database passwords.
{
"app": "CloudCtrl v2.1",
"environment": "production",
"database": {
"host": "rds.internal.company.com",
"port": 5432,
"name": "prod_db",
"user": "dbadmin",
"password": "Pr0d_DB_P@ss2024"
},
"aws": {
"access_key_id": "AKIAIOSFODNN7EXAMPLE",
"secret_access_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY",
"region": "us-east-1",
"s3_bucket": "company-prod-backups"
},
"stripe": {
"api_key": "sk_live_fakekeyforlab_abc123xyz",
"webhook_secret": "whsec_labsecret123"
},
"jwt_secret": "super_secret_jwt_key_2024",
"debug": true,
"internal_services": {
"redis": "redis://127.0.0.1:6379",
"elasticsearch": "http://10.0.1.50:9200"
}
}
In a real breach: attacker uses AWS keys to access S3 buckets, spin up EC2 instances, or escalate privileges.