Skip to content

Commit

Permalink
docs: bold
Browse files Browse the repository at this point in the history 
Signed-off-by: r3drun3 <simone.ragonesi@sighup.io>
  • Loading branch information
@R3DRUN3
R3DRUN3 committed Apr 8, 2024
1 parent 2cd2259 commit cc14c5d
Showing 1 changed file with 7 additions and 7 deletions.
14 changes: 7 additions & 7 deletions pages/posts/08-04-24/hacking-etcd.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,13 +70,13 @@ These are likely SSL/TLS certificates for [*Apache APISIX*](https://github.com/a
APISIX is an open-source, cloud-native microservices API gateway that it is used for managing and securing (sigh 😔) APIs.

Here is a list of attacks that a threat actor can probably implement with access to such certificates:
- *Man-in-the-Middle (MitM) Attacks*
- *Data Interception*
- *Traffic Redirection*
- *Session Hijacking*
- *SSL Stripping*
- *Impersonation Attacks*
- *Replay Attacks*
- **Man-in-the-Middle (MitM) Attacks**
- **Data Interception**
- **Traffic Redirection**
- **Session Hijacking**
- **SSL Stripping**
- **Impersonation Attacks**
- **Replay Attacks**

Keep in mind that it is rare to encounter exposed instances of etcd containing keys with this type of sensitive data, but it has occurred in the past following some reconnaissance efforts.

Expand Down

0 comments on commit cc14c5d

Please sign in to comment.