Adding Howtorotate Guides to TruffleHog (#1839)
* Adding how-to-rotate guides * Adding project ID to metadata * Update key name, remove comments, and ensure the guide is always present --------- Co-authored-by: counter <counter@counters-MacBook-Air.local> Co-authored-by: Dustin Decker <dustin@trufflesec.com>
This commit is contained in:
parent
f8f0c984fb
commit
b3555f5419
25 changed files with 91 additions and 15 deletions
|
@ -55,6 +55,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
Raw: []byte(resMatch),
|
||||
RawV2: []byte(resMatch + resIdMatch),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/airbrake/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
payload := strings.NewReader(`{"environment":"production","username":"john","email":"john@smith.com","repository":"https://github.com/airbrake/airbrake","revision":"38748467ea579e7ae64f7815452307c9d05e05c5","version":"v2.0"}`)
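Review bot: The key `"rotation_guide"` and the `https://howtorotate.com/docs/tutorials/` prefix are repeated as raw literals in this hunk and in every other FromData hunk of this commit (Airbrake user key, Azure, GCP, GitHub, GitHub OAuth, GitHub App, GitLab, Atlassian, Mailchimp, Teams, MongoDB, Netlify, NPM, Sendbird, SendGrid, Slack, Slack webhook, Square, Stripe, Twilio), so a typo in one copy of the key silently breaks any consumer that looks the key up. A shared constant in the detectors package, e.g. `const RotationGuideKey = "rotation_guide"`, used here as `s1.ExtraData = map[string]string{detectors.RotationGuideKey: "https://howtorotate.com/docs/tutorials/airbrake/"}`, would keep the key uniform across detectors. The map is assigned before the verify branch, so any later whole-map reassignment of ExtraData inside that branch would drop the guide; the GitHub and AWS hunks of this commit switch to per-key writes for that reason, but the verify branches of the other detectors lie outside these hunks and cannot be checked here. FromData starts and ends outside the hunk.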
|
||||
|
|
|
@ -45,6 +45,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_AirbrakeUserKey,
|
||||
Raw: []byte(resMatch),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/airbrake/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
req, err := http.NewRequestWithContext(ctx, "GET", "https://api.airbrake.io/api/v4/projects?key="+resMatch, nil)
|
||||
|
|
|
@ -206,6 +206,10 @@ func (s scanner) verifyMatch(ctx context.Context, resIDMatch, resSecretMatch str
|
|||
client = defaultVerificationClient
|
||||
}
|
||||
|
||||
extraData := map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/aws/",
|
||||
}
|
||||
|
||||
res, err := client.Do(req)
|
||||
if err == nil {
|
||||
defer res.Body.Close()
|
||||
|
@ -213,11 +217,9 @@ func (s scanner) verifyMatch(ctx context.Context, resIDMatch, resSecretMatch str
|
|||
identityInfo := identityRes{}
|
||||
err := json.NewDecoder(res.Body).Decode(&identityInfo)
|
||||
if err == nil {
|
||||
extraData := map[string]string{
|
||||
"account": identityInfo.GetCallerIdentityResponse.GetCallerIdentityResult.Account,
|
||||
"user_id": identityInfo.GetCallerIdentityResponse.GetCallerIdentityResult.UserID,
|
||||
"arn": identityInfo.GetCallerIdentityResponse.GetCallerIdentityResult.Arn,
|
||||
}
|
||||
extraData["account"] = identityInfo.GetCallerIdentityResponse.GetCallerIdentityResult.Account
|
||||
extraData["user_id"] = identityInfo.GetCallerIdentityResponse.GetCallerIdentityResult.UserID
|
||||
extraData["arn"] = identityInfo.GetCallerIdentityResponse.GetCallerIdentityResult.Arn
|
||||
return true, extraData, nil
|
||||
} else {
|
||||
return false, nil, err
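Review bot: The decode-failure branch at the end of this hunk still returns `false, nil, err`, so the `extraData` map that the first hunk now builds before the request (carrying the rotation guide) is dropped on that path, which works against the "ensure always present" goal in the description. If the guide should accompany unverified results as well, return the map here: `return false, extraData, err`. Whether the request-error and non-2xx paths of verifyMatch return it cannot be seen from this hunk; verifyMatch starts and ends outside it.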
|
||||
|
|
|
@ -57,6 +57,10 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
RawV2: []byte(clientID[2] + clientSecret[2] + tenantID[2]),
|
||||
Redacted: clientID[2],
|
||||
}
|
||||
// Set the RotationGuideURL in the ExtraData
|
||||
s.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/azure/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
cred := auth.NewClientCredentialsConfig(clientID[2], clientSecret[2], tenantID[2])
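Review bot: `s.ExtraData` on the new line writes to what appears to be a `detectors.Result` local named `s` (the struct literal closing just above it), which shadows the `s Scanner` receiver named in the hunk header; the same shadowed form appears in the GCP, Mailchimp, Square and Stripe hunks, while every other detector in this commit uses `s1`. Renaming the local to `s1` in these five detectors would make the receiver reachable again and match the rest of the change. The literal's declaration is outside the hunk, so the shadowing is inferred from the closing brace and the Result field names above. The comment `// Set the RotationGuideURL in the ExtraData` names `RotationGuideURL`, which is not what the line sets; `// Attach the rotation guide before verification so unverified results carry it too` would describe the intent.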
|
||||
|
|
|
@ -87,6 +87,11 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
RawV2: credBytes,
|
||||
Redacted: creds.ClientEmail,
|
||||
}
|
||||
// Set the RotationGuideURL in the ExtraData
|
||||
s.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/gcp/",
|
||||
"project": creds.ProjectID,
|
||||
}
|
||||
|
||||
if verify {
|
||||
credentials, err := google.CredentialsFromJSON(ctx, credBytes, "https://www.googleapis.com/auth/cloud-platform")
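Review bot: `"project": creds.ProjectID` is written unconditionally, so a service-account JSON without a project_id produces an empty `project` entry in ExtraData; guarding it, `if creds.ProjectID != "" { s.ExtraData["project"] = creds.ProjectID }`, keeps the metadata meaningful. The value is copied from the scanned JSON rather than confirmed by the verification call that follows, so it is unverified input echoed into the result; a comment such as `// project is taken from the scanned JSON, not confirmed by verification` would make that clear to consumers of ExtraData. Where creds is parsed lies outside the hunk.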
|
||||
|
|
|
@ -68,6 +68,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
s1 := detectors.Result{
|
||||
DetectorType: detectorspb.DetectorType_Github,
|
||||
Raw: []byte(token),
|
||||
ExtraData: map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/github/",
|
||||
},
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
@ -88,14 +91,12 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
res.Body.Close()
|
||||
if err == nil {
|
||||
s1.Verified = true
|
||||
s1.ExtraData = map[string]string{
|
||||
"username": userResponse.Login,
|
||||
"url": userResponse.UserURL,
|
||||
"account_type": userResponse.Type,
|
||||
"site_admin": fmt.Sprintf("%t", userResponse.SiteAdmin),
|
||||
"name": userResponse.Name,
|
||||
"company": userResponse.Company,
|
||||
}
|
||||
s1.ExtraData["username"] = userResponse.Login
|
||||
s1.ExtraData["url"] = userResponse.UserURL
|
||||
s1.ExtraData["account_type"] = userResponse.Type
|
||||
s1.ExtraData["site_admin"] = fmt.Sprintf("%t", userResponse.SiteAdmin)
|
||||
s1.ExtraData["name"] = userResponse.Name
|
||||
s1.ExtraData["company"] = userResponse.Company
|
||||
}
|
||||
}
|
||||
}
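Review bot: The per-key writes that replace the map literal depend on `ExtraData` having been initialised in the Result literal in the earlier hunk of this file; a nil map here would panic on the first write, so a comment on the first write, `// ExtraData already holds the rotation guide; add keys rather than replacing the map`, would protect the next edit to either site. `fmt.Sprintf("%t", userResponse.SiteAdmin)` can be `strconv.FormatBool(userResponse.SiteAdmin)`, which avoids the format pass, if strconv is already imported in this file. FromData starts and ends outside the hunk.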
|
||||
|
|
|
@ -54,6 +54,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
Raw: []byte(idMatch[1]),
|
||||
RawV2: []byte(idMatch[1] + secretMatch[1]),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/github/",
|
||||
}
|
||||
|
||||
config := &clientcredentials.Config{
|
||||
ClientID: idMatch[1],
|
||||
|
|
|
@ -69,6 +69,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_Github,
|
||||
Raw: []byte(token),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/github/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
client := common.SaneHttpClient()
|
||||
|
|
|
@ -57,6 +57,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_GitHubApp,
|
||||
Raw: []byte(resMatch),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/github/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
signKey, err := jwt.ParseRSAPrivateKeyFromPEM([]byte(resMatch))
|
||||
|
|
|
@ -55,6 +55,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_Gitlab,
|
||||
Raw: []byte(resMatch),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/gitlab/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
isVerified, verificationErr := s.verifyGitlab(ctx, resMatch)
|
||||
|
|
|
@ -51,6 +51,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_Gitlab,
|
||||
Raw: []byte(resMatch),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/gitlab/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
isVerified, verificationErr := s.verifyGitlab(ctx, resMatch)
|
||||
|
|
|
@ -73,6 +73,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
Raw: []byte(resToken),
|
||||
RawV2: []byte(fmt.Sprintf("%s:%s:%s", resEmail, resToken, resDomain)),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/atlassian/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
client := s.getClient()
|
||||
|
|
|
@ -42,6 +42,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_Mailchimp,
|
||||
Raw: []byte(match),
|
||||
}
|
||||
s.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/mailchimp/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
datacenter := strings.Split(match, "-")[1]
|
||||
|
|
|
@ -50,6 +50,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_MicrosoftTeamsWebhook,
|
||||
Raw: []byte(resMatch),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/microsoftteams/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
client := s.client
|
||||
|
|
|
@ -2,8 +2,6 @@ package mongodb
|
|||
|
||||
import (
|
||||
"context"
|
||||
"go.mongodb.org/mongo-driver/x/mongo/driver/auth"
|
||||
"go.mongodb.org/mongo-driver/x/mongo/driver/topology"
|
||||
"regexp"
|
||||
"strings"
|
||||
"time"
|
||||
|
@ -11,6 +9,8 @@ import (
|
|||
"go.mongodb.org/mongo-driver/mongo"
|
||||
"go.mongodb.org/mongo-driver/mongo/options"
|
||||
"go.mongodb.org/mongo-driver/mongo/readpref"
|
||||
"go.mongodb.org/mongo-driver/x/mongo/driver/auth"
|
||||
"go.mongodb.org/mongo-driver/x/mongo/driver/topology"
|
||||
|
||||
"github.com/trufflesecurity/trufflehog/v3/pkg/detectors"
|
||||
"github.com/trufflesecurity/trufflehog/v3/pkg/pb/detectorspb"
|
||||
|
@ -49,6 +49,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_MongoDB,
|
||||
Raw: []byte(resMatch),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/mongo/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
timeout := s.timeout
|
||||
|
|
|
@ -45,6 +45,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_Netlify,
|
||||
Raw: []byte(resMatch),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/netlify/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
req, err := http.NewRequestWithContext(ctx, "GET", "https://api.netlify.com/api/v1/sites", nil)
|
||||
|
|
|
@ -47,6 +47,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_NpmToken,
|
||||
Raw: []byte(resMatch),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/npm/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
req, err := http.NewRequestWithContext(ctx, "GET", "https://registry.npmjs.org/-/whoami", nil)
|
||||
|
|
|
@ -48,6 +48,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_NpmToken,
|
||||
Raw: []byte(resMatch),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/npm/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
req, err := http.NewRequestWithContext(ctx, "GET", "https://registry.npmjs.org/-/whoami", nil)
|
||||
|
|
|
@ -61,6 +61,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_Sendbird,
|
||||
Raw: []byte(resMatch),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/sendbird/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
req, err := http.NewRequestWithContext(ctx, "GET", fmt.Sprintf("https://api-%s.sendbird.com/v3/users", resAppIdMatch), nil)
|
||||
|
|
|
@ -48,6 +48,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_SendGrid,
|
||||
Raw: []byte(res),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/sendgrid/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
// there are a few endpoints we can check, but templates seems the least sensitive.
|
||||
|
|
|
@ -60,6 +60,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_Slack,
|
||||
Raw: []byte(token),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/slack/",
|
||||
}
|
||||
if verify {
|
||||
client := s.client
|
||||
if s.client == nil {
|
||||
|
|
|
@ -49,6 +49,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_SlackWebhook,
|
||||
Raw: []byte(resMatch),
|
||||
}
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/slack-webhook/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
||||
|
|
|
@ -49,6 +49,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_Square,
|
||||
Raw: []byte(res),
|
||||
}
|
||||
s.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/square/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
// there are a few endpoints we can check, but templates seems the least sensitive.
|
||||
|
|
|
@ -40,6 +40,9 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
DetectorType: detectorspb.DetectorType_Stripe,
|
||||
Raw: []byte(match),
|
||||
}
|
||||
s.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/stripe/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
|
||||
|
|
|
@ -54,6 +54,10 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
|
|||
Redacted: sid,
|
||||
}
|
||||
|
||||
s1.ExtraData = map[string]string{
|
||||
"rotation_guide": "https://howtorotate.com/docs/tutorials/twilio/",
|
||||
}
|
||||
|
||||
if verify {
|
||||
client = s.client
|
||||
if client == nil {
|
||||
|
|