Introduction

Trello is a popular online productivity tool used by individuals and organizations to manage tasks, organize projects, and collaborate across teams. However, due to its flexible nature and the ability to create public boards, Trello has also become an unexpected source of data leaks and exposed credentials on the open web.

This article discusses how simple misconfigurations, combined with negligence and lack of awareness, can lead to critical security incidents, and how techniques like Google Hacking are used to exploit them.


What Is the Risk?

Trello allows users to create boards that are either private (visible only to authorized users) or public (indexed by search engines like Google). When users store sensitive data such as:

...on public boards (either by accident or ignorance), those boards become searchable and exploitable by anyone on the internet — including malicious actors.


Google Hacking & Trello

Google Dorking (aka Google Hacking) is a technique used to find exposed or misconfigured assets by crafting advanced search queries.

For Trello, attackers use queries like:

site:trello.com intext:senha
site:trello.com intext:password
site:trello.com intext:login
site:trello.com intitle:"Banco"
site:trello.com intext:"user"
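
The same keywords can be turned into a check on your own boards. The following is an added example, not part of the original article: it scans Trello board JSON exports and reports boards that are both public and contain one of the terms from the queries above. The sample data and URLs are constructed, and the field names (`prefs.permissionLevel`, `shortUrl`, `cards[].name`, `cards[].desc`) are assumed to match the board export format.

```python
import json
import re

# Keywords taken from the search queries listed on this page.
TEXT_KEYWORDS = ["senha", "password", "login", "user"]
TITLE_KEYWORDS = ["banco"]

# Constructed sample in the shape of a Trello board JSON export (not real data).
SAMPLE_BOARDS = json.loads("""
[
  {"name": "Banco - onboarding", "shortUrl": "https://trello.example/b/AAA",
   "prefs": {"permissionLevel": "public"},
   "cards": [{"name": "VPN access", "desc": "login: jdoe / senha: <redacted>"},
             {"name": "Sprint goals", "desc": "ship v2"}]},
  {"name": "Internal infra", "shortUrl": "https://trello.example/b/BBB",
   "prefs": {"permissionLevel": "private"},
   "cards": [{"name": "DB password rotation", "desc": "password in vault"}]},
  {"name": "Marketing ideas", "shortUrl": "https://trello.example/b/CCC",
   "prefs": {"permissionLevel": "public"},
   "cards": [{"name": "Newsletter", "desc": "draft copy"}]}
]
""")

def _hits(text, keywords):
    """Return the keywords present in text as whole words, case-insensitive."""
    return [k for k in keywords if re.search(rf"\b{re.escape(k)}\b", text or "", re.I)]

def audit_boards(boards):
    """Return (url, location, keyword) for boards that are public AND match."""
    findings = []
    for board in boards:
        if board.get("prefs", {}).get("permissionLevel") != "public":
            continue  # only public boards are exposed to search engines
        for kw in _hits(board.get("name", ""), TITLE_KEYWORDS):
            findings.append((board["shortUrl"], "board title", kw))
        for card in board.get("cards", []):
            text = f'{card.get("name", "")} {card.get("desc", "")}'
            for kw in _hits(text, TEXT_KEYWORDS):
                findings.append((board["shortUrl"], f'card "{card["name"]}"', kw))
    return findings

if __name__ == "__main__":
    for url, where, kw in audit_boards(SAMPLE_BOARDS):
        print(f"PUBLIC {url}: '{kw}' in {where}")
```

A hit means the board should be made private and any credential on it rotated, since it may already have been indexed.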