mirror of
https://github.com/trufflesecurity/trufflehog.git
synced 2024-09-20 06:31:57 +00:00
[Thog-628] update detector results hash v2 (#710)
* Start updating detectors that have two part creds to record the raw result as ID + secret. * Add more detectors. * More detectors. * More detectors. * remove comment out imports.
This commit is contained in:
parent
73f9d3f0a0
commit
2cab951ee5
74 changed files with 101 additions and 31 deletions
|
@ -51,6 +51,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_AdobeIO,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Adzuna,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Aeroworkflow,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -53,6 +53,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Agora,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resSecret),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -53,6 +53,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_AirbrakeProjectKey,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -53,6 +53,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_AirtableApiKey,
|
||||
Redacted: appRes,
|
||||
Raw: []byte(keyRes),
|
||||
RawV2: []byte(keyRes + appRes),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -53,6 +53,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Alegra,
|
||||
Raw: []byte(tokenPatMatch),
|
||||
RawV2: []byte(tokenPatMatch + userPatMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -51,6 +51,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_AlgoliaAdminKey,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -84,6 +84,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Alibaba,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
@ -103,7 +104,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
params.Add("Version", "2014-05-26")
|
||||
|
||||
stringToSign := buildStringToSign(req.Method, params.Encode())
|
||||
signature := GetSignature(stringToSign, resMatch+"&") //Get Signature HMAC SHA1
|
||||
signature := GetSignature(stringToSign, resMatch+"&") // Get Signature HMAC SHA1
|
||||
params.Add("Signature", signature)
|
||||
req.URL.RawQuery = params.Encode()
|
||||
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Amadeus,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resSecret),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_AmplitudeApiKey,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resSecretMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Anypoint,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + orgRes),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -53,6 +53,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_ApiDeck,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Apiflash,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resUrlMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -54,6 +54,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_APIMatic,
|
||||
Raw: []byte(userPatMatch),
|
||||
RawV2: []byte(userPatMatch + passPatMatch),
|
||||
}
|
||||
if verify {
|
||||
timeout := 10 * time.Second
|
||||
|
|
|
@ -63,6 +63,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Appcues,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resUserMatch),
|
||||
}
|
||||
if verify {
|
||||
req, err := http.NewRequestWithContext(ctx, "GET", fmt.Sprintf("https://api.appcues.com/v2/accounts/%s/flows", resIdMatch), nil)
|
||||
|
|
|
@ -53,6 +53,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Apptivo,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -54,6 +54,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_ArtifactoryAccessToken,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resURLMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -53,6 +53,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Artsy,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -58,6 +58,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_Auth0ManagementApiToken,
|
||||
Redacted: domainRes,
|
||||
Raw: []byte(managementApiTokenRes),
|
||||
RawV2: []byte(managementApiTokenRes + domainRes),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -2,14 +2,11 @@ package auth0oauth
|
|||
|
||||
import (
|
||||
"context"
|
||||
// "fmt"
|
||||
// "log"
|
||||
"regexp"
|
||||
"strings"
|
||||
|
||||
"io/ioutil"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"regexp"
|
||||
"strings"
|
||||
|
||||
"github.com/trufflesecurity/trufflehog/v3/pkg/common"
|
||||
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
|
||||
|
@ -65,6 +62,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_Auth0oauth,
|
||||
Redacted: clientIdRes,
|
||||
Raw: []byte(clientSecretRes),
|
||||
RawV2: []byte(clientIdRes + clientSecretRes),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Autodesk,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resSecret),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -81,6 +81,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_AWS,
|
||||
Raw: []byte(resIDMatch),
|
||||
Redacted: resIDMatch,
|
||||
RawV2: []byte(resIDMatch + resSecretMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Aylien,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
if verify {
|
||||
req, err := http.NewRequestWithContext(ctx, "GET", "https://api.aylien.com/news/stories", nil)
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Billomat,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resId),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -58,6 +58,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Bitmex,
|
||||
Raw: []byte(resSecretMatch),
|
||||
RawV2: []byte(resMatch + resSecretMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_BrowserStack,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resUserMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -2,11 +2,11 @@ package bulksms
|
|||
|
||||
import (
|
||||
"context"
|
||||
b64 "encoding/base64"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"regexp"
|
||||
"strings"
|
||||
b64 "encoding/base64"
|
||||
|
||||
"github.com/trufflesecurity/trufflehog/v3/pkg/common"
|
||||
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
|
||||
|
@ -21,10 +21,9 @@ var _ detectors.Detector = (*Scanner)(nil)
|
|||
var (
|
||||
client = common.SaneHttpClient()
|
||||
|
||||
//Make sure that your group is surrounded in boundry characters such as below to reduce false positives
|
||||
// Make sure that your group is surrounded in boundry characters such as below to reduce false positives
|
||||
keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"bulksms"}) + `\b([a-fA-Z0-9*]{29})\b`)
|
||||
idPat = regexp.MustCompile(detectors.PrefixRegex([]string{"bulksms"}) + `\b([A-F0-9-]{37})\b`)
|
||||
|
||||
idPat = regexp.MustCompile(detectors.PrefixRegex([]string{"bulksms"}) + `\b([A-F0-9-]{37})\b`)
|
||||
)
|
||||
|
||||
// Keywords are used for efficiently pre-filtering chunks.
|
||||
|
@ -54,10 +53,11 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Bulksms,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
|
||||
if verify {
|
||||
data := fmt.Sprintf("%s:%s", resIdMatch,resMatch)
|
||||
data := fmt.Sprintf("%s:%s", resIdMatch, resMatch)
|
||||
sEnc := b64.StdEncoding.EncodeToString([]byte(data))
|
||||
req, err := http.NewRequestWithContext(ctx, "GET", "https://api.bulksms.com/v1/messages", nil)
|
||||
if err != nil {
|
||||
|
@ -70,17 +70,17 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
if res.StatusCode >= 200 && res.StatusCode < 300 {
|
||||
s1.Verified = true
|
||||
} else {
|
||||
//This function will check false positives for common test words, but also it will make sure the key appears 'random' enough to be a real key
|
||||
// This function will check false positives for common test words, but also it will make sure the key appears 'random' enough to be a real key
|
||||
if detectors.IsKnownFalsePositive(resMatch, detectors.DefaultFalsePositives, true) {
|
||||
continue
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
results = append(results, s1)
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
|
||||
return detectors.CleanResults(results), nil
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_CaptainData,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resProjIdMatch + resMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -54,6 +54,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Cashboard,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resUser),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -63,6 +63,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Caspio,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch + resDomainMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -51,6 +51,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Censys,
|
||||
Raw: []byte(tokenPatMatch),
|
||||
RawV2: []byte(tokenPatMatch + userPatMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -69,6 +69,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_CexIO,
|
||||
Raw: []byte(resKeyMatch),
|
||||
RawV2: []byte(resUserIdMatch + resSecretMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -20,7 +20,7 @@ var (
|
|||
client = common.SaneHttpClient()
|
||||
|
||||
// Make sure that your group is surrounded in boundary characters such as below to reduce false positives.
|
||||
//Tokens starting with sk_test are used for the app's sandbox environment while tokens starting with sk only are for production environment
|
||||
// Tokens starting with sk_test are used for the app's sandbox environment while tokens starting with sk only are for production environment
|
||||
keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"checkout"}) + `\b((sk_|sk_test_)[0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})\b`)
|
||||
idPat = regexp.MustCompile(detectors.PrefixRegex([]string{"checkout"}) + `\b(cus_[0-9a-zA-Z]{26})\b`)
|
||||
)
|
||||
|
@ -53,10 +53,11 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Checkout,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
//Used the app's sandbox environment for this case since I can't create a live account.
|
||||
// Used the app's sandbox environment for this case since I can't create a live account.
|
||||
req, err := http.NewRequestWithContext(ctx, "GET", "https://api.sandbox.checkout.com/customers/"+resIdMatch, nil)
|
||||
if err != nil {
|
||||
continue
|
||||
|
|
|
@ -53,6 +53,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Checkvist,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resEmailMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -61,6 +61,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_ClickHelp,
|
||||
Raw: []byte(resServer),
|
||||
RawV2: []byte(resServer + resEmail),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -50,6 +50,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_ClickSendsms,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_ClockworkSMS,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + tokenRes),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -54,6 +54,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_CloudElements,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resOrgMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -60,6 +60,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_CloudflareGlobalApiKey,
|
||||
Redacted: emailRes,
|
||||
Raw: []byte(apiKeyRes),
|
||||
RawV2: []byte(apiKeyRes + emailRes),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -53,6 +53,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_CompanyHub,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -54,6 +54,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Confluent,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resSecret),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -51,6 +51,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Copper,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -51,6 +51,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_CrossBrowserTesting,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_CustomerGuru,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_CustomerIO,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -29,6 +29,9 @@ type Result struct {
|
|||
Verified bool
|
||||
// Raw contains the raw secret identifier data. Prefer IDs over secrets since it is used for deduping after hashing.
|
||||
Raw []byte
|
||||
// RawV2 contains the raw secret identifier that is a combination of both the ID and the secret.
|
||||
// This is used for secrets that are multi part and could have the same ID. Ex: AWS credentials
|
||||
RawV2 []byte
|
||||
// Redacted contains the redacted version of the raw secret identification data for display purposes.
|
||||
// A secret ID should be used if available.
|
||||
Redacted string
|
||||
|
@ -96,9 +99,9 @@ func PrefixRegex(keywords []string) string {
|
|||
return pre + middle + post
|
||||
}
|
||||
|
||||
//KeyIsRandom is a Low cost check to make sure that 'keys' include a number to reduce FPs.
|
||||
//Golang doesnt support regex lookaheads, so must be done in separate calls.
|
||||
//TODO improve checks. Shannon entropy did not work well.
|
||||
// KeyIsRandom is a Low cost check to make sure that 'keys' include a number to reduce FPs.
|
||||
// Golang doesnt support regex lookaheads, so must be done in separate calls.
|
||||
// TODO improve checks. Shannon entropy did not work well.
|
||||
func KeyIsRandom(key string) bool {
|
||||
for _, ch := range key {
|
||||
if unicode.IsDigit(ch) {
|
||||
|
|
|
@ -51,6 +51,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_DiscordBotToken,
|
||||
Redacted: resId,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resId),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Dnscheck,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -56,6 +56,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Dwolla,
|
||||
Raw: []byte(idMatch),
|
||||
RawV2: []byte(idMatch + secretMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -2,13 +2,12 @@ package easyinsight
|
|||
|
||||
import (
|
||||
"context"
|
||||
b64 "encoding/base64"
|
||||
"fmt"
|
||||
"net/http"
|
||||
"regexp"
|
||||
"strings"
|
||||
|
||||
b64 "encoding/base64"
|
||||
"net/http"
|
||||
|
||||
"github.com/trufflesecurity/trufflehog/v3/pkg/common"
|
||||
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
|
||||
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
|
||||
|
@ -55,6 +54,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_EasyInsight,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -51,6 +51,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Edamam,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resId),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -55,6 +55,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_EightxEight,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -54,6 +54,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_FacebookOAuth,
|
||||
Redacted: apiIdRes,
|
||||
Raw: []byte(apiSecretRes),
|
||||
RawV2: []byte(apiIdRes + apiSecretRes),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_FacePlusPlus,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resSecret),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -51,6 +51,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_FourSquare,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resSecret),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -61,6 +61,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Gengo,
|
||||
Raw: []byte(resSecretMatch),
|
||||
RawV2: []byte(resMatch + resSecretMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Geocodio,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resSearchMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -2,6 +2,10 @@ package kraken
|
|||
|
||||
import (
|
||||
"context"
|
||||
"crypto/hmac"
|
||||
"crypto/sha256"
|
||||
"crypto/sha512"
|
||||
"encoding/base64"
|
||||
"io"
|
||||
"net/http"
|
||||
"net/url"
|
||||
|
@ -10,11 +14,6 @@ import (
|
|||
"strings"
|
||||
"time"
|
||||
|
||||
"crypto/hmac"
|
||||
"crypto/sha256"
|
||||
"crypto/sha512"
|
||||
"encoding/base64"
|
||||
|
||||
"github.com/trufflesecurity/trufflehog/v3/pkg/common"
|
||||
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
|
||||
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
|
||||
|
@ -29,7 +28,7 @@ var (
|
|||
client = common.SaneHttpClient()
|
||||
|
||||
// Make sure that your group is surrounded in boundary characters such as below to reduce false positives.
|
||||
//Bounds have been removed because there are some cases that tokens have trailing frontslash(/) or plus sign (+)
|
||||
// Bounds have been removed because there are some cases that tokens have trailing frontslash(/) or plus sign (+)
|
||||
keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"kraken"}) + `\b([0-9A-Za-z\/\+=]{56}[ "'\r\n]{1})`)
|
||||
privKeyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"kraken"}) + `\b([0-9A-Za-z\/\+=]{86,88}[ "'\r\n]{1})`)
|
||||
)
|
||||
|
@ -62,11 +61,12 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Kraken,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resPrivKeyMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
||||
//Increasing 64-bit integer, for each request that is made with a particular API key.
|
||||
// Increasing 64-bit integer, for each request that is made with a particular API key.
|
||||
apiNonce := strconv.FormatInt(time.Now().Unix(), 10)
|
||||
|
||||
payload := url.Values{}
|
||||
|
@ -106,7 +106,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
return detectors.CleanResults(results), nil
|
||||
}
|
||||
|
||||
//Code from https://docs.kraken.com/rest/#section/Authentication/Headers-and-Signature
|
||||
// Code from https://docs.kraken.com/rest/#section/Authentication/Headers-and-Signature
|
||||
func getKrakenSignature(url_path string, values url.Values, secret []byte) string {
|
||||
|
||||
sha := sha256.New()
|
||||
|
|
|
@ -65,6 +65,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_KuCoin,
|
||||
Raw: []byte(resKeyMatch),
|
||||
RawV2: []byte(resKeyMatch + resPassphraseMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -53,6 +53,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_MattermostPersonalToken,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + serverRes),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Mux,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resSecretMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -51,6 +51,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_NexmoApiKey,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resSecret),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -52,6 +52,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_Plivo,
|
||||
Redacted: id,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + id),
|
||||
}
|
||||
stringResMatch := fmt.Sprintf("%s:%s", id, resMatch)
|
||||
decodeSecret := b64.StdEncoding.EncodeToString([]byte(stringResMatch))
|
||||
|
|
|
@ -58,6 +58,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Poloniex,
|
||||
Raw: []byte(resSecretMatch),
|
||||
RawV2: []byte(resMatch + resSecretMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -72,6 +72,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_PusherChannelKey,
|
||||
Raw: []byte(resappMatch),
|
||||
RawV2: []byte(resappMatch + reskeyMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -54,6 +54,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Roaring,
|
||||
Raw: []byte(resClient),
|
||||
RawV2: []byte(resClient + resSecret),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -61,6 +61,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Rownd,
|
||||
Raw: []byte(keyMatch),
|
||||
RawV2: []byte(keyMatch + secretMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -62,6 +62,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_SatismeterProjectkey,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resPassMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -54,6 +54,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Smooch,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resSecret),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -60,6 +60,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Strava,
|
||||
Raw: []byte(resId),
|
||||
RawV2: []byte(resId + resSecret),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -54,6 +54,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Textmagic,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resUser),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -53,6 +53,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Tru,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resSecret),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
|
@ -54,6 +54,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Vouchery,
|
||||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + subMatch),
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
|
Loading…
Reference in a new issue