From 26a5f65a64c75f526cca13e4f3d526b6d720601f Mon Sep 17 00:00:00 2001 From: Piyush Paliwal <46394419+PiyushThePal@users.noreply.github.com> Date: Fri, 1 Oct 2021 10:17:31 +0530 Subject: [PATCH] Update README.md --- API Key Leaks/README.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/API Key Leaks/README.md b/API Key Leaks/README.md index 1c029f4..ae5fad4 100644 --- a/API Key Leaks/README.md +++ b/API Key Leaks/README.md @@ -34,6 +34,23 @@ The following commands can be used to takeover accounts or extract personal info Use : https://github.com/ozguralp/gmapsapiscanner/ +Usage: +| Name | Endpoint | +| --- | --- | +| Static Maps | https://maps.googleapis.com/maps/api/staticmap?center=45%2C10&zoom=7&size=400x400&key=KEY_HERE | +| Streetview | https://maps.googleapis.com/maps/api/streetview?size=400x400&location=40.720032,-73.988354&fov=90&heading=235&pitch=10&key=KEY_HERE | +| Embed | https://www.google.com/maps/embed/v1/place?q=place_id:ChIJyX7muQw8tokR2Vf5WBBk1iQ&key=KEY_HERE | +| Directions | https://maps.googleapis.com/maps/api/directions/json?origin=Disneyland&destination=Universal+Studios+Hollywood4&key=KEY_HERE | +| Geocoding | https://maps.googleapis.com/maps/api/geocode/json?latlng=40,30&key=KEY_HERE | +| Distance Matrix | https://maps.googleapis.com/maps/api/distancematrix/json?units=imperial&origins=40.6655101,-73.89188969999998&destinations=40.6905615%2C-73.9976592%7C40.6905615%2C-73.9976592%7C40.6905615%2C-73.9976592%7C40.6905615%2C-73.9976592%7C40.6905615%2C-73.9976592%7C40.6905615%2C-73.9976592%7C40.659569%2C-73.933783%7C40.729029%2C-73.851524%7C40.6860072%2C-73.6334271%7C40.598566%2C-73.7527626%7C40.659569%2C-73.933783%7C40.729029%2C-73.851524%7C40.6860072%2C-73.6334271%7C40.598566%2C-73.7527626&key=KEY_HERE | +| Find Place from Text | https://maps.googleapis.com/maps/api/place/findplacefromtext/json?input=Museum%20of%20Contemporary%20Art%20Australia&inputtype=textquery&fields=photos,formatted_address,name,rating,opening_hours,geometry&key=KEY_HERE | +| Autocomplete | https://maps.googleapis.com/maps/api/place/autocomplete/json?input=Bingh&types=%28cities%29&key=KEY_HERE | +| Elevation | https://maps.googleapis.com/maps/api/elevation/json?locations=39.7391536,-104.9847034&key=KEY_HERE | +| Timezone | https://maps.googleapis.com/maps/api/timezone/json?location=39.6034810,-119.6822510×tamp=1331161200&key=KEY_HERE | +| Roads | https://roads.googleapis.com/v1/nearestRoads?points=60.170880,24.942795|60.170879,24.942796|60.170877,24.942796&key=KEY_HERE | +| Geolocate | https://www.googleapis.com/geolocation/v1/geolocate?key=KEY_HERE | + + Impact: * Consuming the company's monthly quota or can over-bill with unauthorized usage of this service and do financial damage to the company * Conduct a denial of service attack specific to the service if any limitation of maximum bill control settings exist in the Google account