Skip to content

Dockerhub Oauth Token

Service Name: Docker Hub

Service Description: Docker Hub is a cloud-based repository service where users can create, test, store, and distribute container images. It provides both public and private repositories for Docker images.

Service Address: https://hub.docker.com/

Validation Type: API Auth

IP Allow list: Does not exist

Secret Access Scope: Grants programmatic access to Docker Hub repositories, allowing users to push, pull, and manage Docker images.

Secret Revokement URL: https://hub.docker.com/settings/security

Secret Example: dckr_oat_AbCdEfGhIjKlMnOpQrStUvWxYz123456

Suspicious Activity Investigation Instructions:

  • Check Docker Hub access logs for unauthorized image pulls or pushes
  • Review recent repository activity for unexpected changes
  • Check for unauthorized repository creation or deletion
  • Monitor for unusual geographical access patterns
  • Verify if any repository permissions have been modified

Mitigation Instructions:

  • Log in to Docker Hub and navigate to Account Settings
  • Go to the Security section
  • Locate the compromised token in the Access Tokens list
  • Click the delete/revoke button next to the token
  • Create a new token with appropriate permissions if needed
  • Update any CI/CD pipelines or automation tools with the new token
  • Review all repositories for unauthorized changes