Dockerhub Oauth Token
Service Name: Docker Hub
Service Description: Docker Hub is a cloud-based repository service where users can create, test, store, and distribute container images. It provides both public and private repositories for Docker images.
Service Address: https://hub.docker.com/
Validation Type: API Auth
IP Allow list: Does not exist
Secret Access Scope: Grants programmatic access to Docker Hub repositories, allowing users to push, pull, and manage Docker images.
Secret Revokement URL: https://hub.docker.com/settings/security
Secret Example: dckr_oat_AbCdEfGhIjKlMnOpQrStUvWxYz123456
Suspicious Activity Investigation Instructions:
- Check Docker Hub access logs for unauthorized image pulls or pushes
- Review recent repository activity for unexpected changes
- Check for unauthorized repository creation or deletion
- Monitor for unusual geographical access patterns
- Verify if any repository permissions have been modified
Mitigation Instructions:
- Log in to Docker Hub and navigate to Account Settings
- Go to the Security section
- Locate the compromised token in the Access Tokens list
- Click the delete/revoke button next to the token
- Create a new token with appropriate permissions if needed
- Update any CI/CD pipelines or automation tools with the new token
- Review all repositories for unauthorized changes