lolcreds

Public credential defaults and exposure patterns for authorized security testing.

Zabbix

Zabbix LLCmonitoring3 credentials

Credentials3 documented
01

API Token

zabbix / api-token

Zabbix API requests can be authorized with an API token. Zabbix documents sending the token in the Authorization header using Bearer authentication.

user definedsecrettoken

Location

http header
Authorization

Bearer token used for Zabbix API requests

environment
ZABBIX_TOKEN, ZABBIX_API_TOKEN
config file

automation config, .env files, monitoring integration config, and deployment manifests

secret store

CI/CD variables, cloud secret managers, and monitoring automation secrets

source code

Zabbix API scripts, Terraform providers, tests, and committed examples

logs

API client traces, webhook automation logs, and CI output

Notes

API token permissions depend on the creating user and token scope. Treat tokens as bearer credentials for Zabbix API operations.

02

Frontend User Password

zabbix / frontend-user-password

Zabbix frontend users authenticate to the web interface and API workflows. Zabbix user accounts, groups, roles, and authentication settings control access to monitoring configuration and historical data.

user definedsecretusername/password

Location

database

Zabbix database tables storing users, sessions, roles, and password verifier material

public interface
/zabbix/index.php, /zabbix/api_jsonrpc.php

Zabbix web frontend and JSON-RPC API endpoint

config file

frontend config, automation .env files, and integration settings

secret store

password vaults, CI/CD variables, and cloud secret managers

source code

API scripts, deployment examples, tests, and accidentally committed credentials

logs

web server logs, API request logs, and authentication troubleshooting output

Notes

Zabbix has historically documented installer/default credentials in some distribution contexts; avoid modeling a static default unless the exact package or appliance source states it ships that way.

03

Secret User Macro / External Secret

zabbix / macro-secret

Zabbix supports user macros, including secret user macros, and storage of secrets through external providers such as CyberArk and HashiCorp Vault. These secrets are often used by checks, web monitoring, and integrations.

user definedsecretsecret value

Location

secret store

Zabbix secret macros, CyberArk, HashiCorp Vault, and frontend secret storage

database

Zabbix configuration database containing macro definitions and references

config file

exported templates, automation config, and provisioning manifests

source code

committed templates and monitoring-as-code repositories

logs

item preprocessing logs, script output, and webhook debugging traces

Notes

Secret macros may contain credentials for monitored services and should be triaged as secrets even when they are not Zabbix login credentials.

Scope

Authorized use

LOLCreds helps map the credential surface of real products: known defaults, generated values, credential locations, and exposure patterns.