Mirrors/trufflehog
2
0
Fork 0
mirror of https://github.com/trufflesecurity/trufflehog.git synced 2024-11-10 15:14:38 +00:00
Code Issues Projects Releases Packages Wiki Activity

Use GetCallerIdentity for AWS verification (#585)

Browse source
This commit is contained in:
Dustin Decker 2022-05-25 14:45:28 -07:00 committed by GitHub
parent d98833b70b
commit 43955b9a38
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
pkg/detectors/aws/aws.go
View file

@ -82,10 +82,10 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
if verify {
//REQUEST VALUES
method := "GET"
service := "iam"
host := "iam.amazonaws.com"
service := "sts"
host := "sts.amazonaws.com"
region := "us-east-1"
endpoint := "https://iam.amazonaws.com"
endpoint := "https://sts.amazonaws.com"
datestamp := time.Now().UTC().Format("20060102")
amz_date := time.Now().UTC().Format("20060102T150405Z0700")
@ -103,8 +103,8 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
credential_scope := fmt.Sprintf("%s/%s/%s/aws4_request", datestamp, region, service)
params := req.URL.Query()
params.Add("Action", "ListUsers")
params.Add("Version", "2010-05-08")
params.Add("Action", "GetCallerIdentity")
params.Add("Version", "2011-06-15")
params.Add("X-Amz-Algorithm", algorithm)
params.Add("X-Amz-Credential", resIdMatch+"/"+credential_scope)
params.Add("X-Amz-Date", amz_date)