
fix(sumologic): improve patterns (#1218)

This fixes #1149.
Richard Gomez vor 2 Jahren
163ec21120
2 geänderte Dateien mit 50 neuen und 7 gelöschten Zeilen
  1. 42 4
      cmd/generate/config/rules/sumologic.go
  2. 8 3
      config/gitleaks.toml

+ 42 - 4
cmd/generate/config/rules/sumologic.go

@@ -1,6 +1,8 @@
 package rules
 
 import (
+	"regexp"
+
 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
 	"github.com/zricethezav/gitleaks/v8/config"
 )
@@ -10,19 +12,42 @@ func SumoLogicAccessID() *config.Rule {
 	r := config.Rule{
 		RuleID:      "sumologic-access-id",
 		Description: "SumoLogic Access ID",
+		// TODO: Make 'su' case-sensitive.
 		Regex: generateSemiGenericRegex([]string{"sumo"},
-			alphaNumeric("14")),
+			"su[a-zA-Z0-9]{12}"),
 		SecretGroup: 1,
+		Entropy:     3,
 		Keywords: []string{
 			"sumo",
 		},
+		Allowlist: config.Allowlist{
+			RegexTarget: "line",
+			Regexes: []*regexp.Regexp{
+				regexp.MustCompile(`sumOf`),
+			},
+		},
 	}
 
 	// validate
 	tps := []string{
-		generateSampleSecret("sumo", secrets.NewSecret(alphaNumeric("14"))),
+		`sumologic.accessId = "su9OL59biWiJu7"`,      // gitleaks:allow
+		`sumologic_access_id = "sug5XpdpaoxtOH"`,     // gitleaks:allow
+		`export SUMOLOGIC_ACCESSID="suDbJw97o9WVo0"`, // gitleaks:allow
+		`SUMO_ACCESS_ID = "suGyI5imvADdvU"`,          // gitleaks:allow
+		generateSampleSecret("sumo", "su"+secrets.NewSecret(alphaNumeric("12"))),
 	}
-	return validate(r, tps, nil)
+	fps := []string{
+		`- (NSNumber *)sumOfProperty:(NSString *)property;`,
+		`- (NSInteger)sumOfValuesInRange:(NSRange)range;`,
+		`+ (unsigned char)byteChecksumOfData:(id)arg1;`,
+		`sumOfExposures = sumOfExposures;`, // gitleaks:allow
+		`.si-sumologic.si--color::before { color: #000099; }`,
+		`/// Based on the SumoLogic keyword syntax:`,
+		`sumologic_access_id         = ""`,
+		`SUMOLOGIC_ACCESSID: ${SUMOLOGIC_ACCESSID}`,
+		`export SUMOLOGIC_ACCESSID=XXXXXXXXXXXXXX`, // gitleaks:allow
+	}
+	return validate(r, tps, fps)
 }
 
 func SumoLogicAccessToken() *config.Rule {
@@ -33,6 +58,7 @@ func SumoLogicAccessToken() *config.Rule {
 		Regex: generateSemiGenericRegex([]string{"sumo"},
 			alphaNumeric("64")),
 		SecretGroup: 1,
+		Entropy:     3,
 		Keywords: []string{
 			"sumo",
 		},
@@ -40,7 +66,19 @@ func SumoLogicAccessToken() *config.Rule {
 
 	// validate
 	tps := []string{
+		`export SUMOLOGIC_ACCESSKEY="3HSa1hQfz6BYzlxf7Yb1WKG3Hyovm56LMFChV2y9LgkRipsXCujcLb5ej3oQUJlx"`, // gitleaks:allow
+		`SUMO_ACCESS_KEY: gxq3rJQkS6qovOg9UY2Q70iH1jFZx0WBrrsiAYv4XHodogAwTKyLzvFK4neRN8Dk`,             // gitleaks:allow
+		`SUMOLOGIC_ACCESSKEY: 9RITWb3I3kAnSyUolcVJq4gwM17JRnQK8ugRaixFfxkdSl8ys17ZtEL3LotESKB7`,         // gitleaks:allow
+		`sumo_access_key = "3Kof2VffNQ0QgYIhXUPJosVlCaQKm2hfpWE6F1fT9YGY74blQBIPsrkCcf1TwKE5"`,          // gitleaks:allow
 		generateSampleSecret("sumo", secrets.NewSecret(alphaNumeric("64"))),
 	}
-	return validate(r, tps, nil)
+	fps := []string{
+		`#   SUMO_ACCESS_KEY=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx`, // gitleaks:allow
+		"-e SUMO_ACCESS_KEY=`etcdctl get /sumologic_secret`",
+		`SUMO_ACCESS_KEY={SumoAccessKey}`,
+		`SUMO_ACCESS_KEY=${SUMO_ACCESS_KEY:=$2}`,
+		`sumo_access_key   = "<SUMOLOGIC ACCESS KEY>"`,
+		`SUMO_ACCESS_KEY: AbCeFG123`,
+	}
+	return validate(r, tps, fps)
 }
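Review bot: The `// TODO: Make 'su' case-sensitive.` comment on the Regex field of SumoLogicAccessID says neither why the capture now starts with `su` nor why it cannot be case-sensitive; the generated pattern in config/gitleaks.toml begins with `(?i)`, so the `su` prefix and the `[a-zA-Z0-9]{12}` class are both matched case-insensitively and the mixed-case class adds nothing over `[a-z0-9]`. Suggest replacing the TODO with `// Every sample access ID below begins with "su"; generateSemiGenericRegex prepends (?i), so this prefix cannot be made case-sensitive here (TODO).` so the next maintainer knows the constraint comes from the generator rather than from the rule. The same applies to the `Entropy: 3` additions in both rules, which carry no comment on how the floor was chosen; a one-line note citing the weakest sample that still passes would make future tuning safer. Both function signatures lie outside the hunks.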

+ 8 - 3
config/gitleaks.toml

@@ -2414,7 +2414,6 @@ id = "plaid-client-id"
 description = "Plaid Client ID"
 regex = '''(?i)(?:plaid)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{24})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
 secretGroup = 1
-entropy = 3.5
 keywords = [
     "plaid",
 ]
@@ -2424,7 +2423,6 @@ id = "plaid-secret-key"
 description = "Plaid Secret key"
 regex = '''(?i)(?:plaid)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{30})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
 secretGroup = 1
-entropy = 3.5
 keywords = [
     "plaid",
 ]
@@ -2739,17 +2737,24 @@ keywords = [
 [[rules]]
 id = "sumologic-access-id"
 description = "SumoLogic Access ID"
-regex = '''(?i)(?:sumo)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{14})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
+regex = '''(?i)(?:sumo)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}(su[a-zA-Z0-9]{12})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
 secretGroup = 1
+entropy = 3
 keywords = [
     "sumo",
 ]
+[rules.allowlist]
+regexTarget = "line"
+regexes = [
+    "sumOf",
+]
 
 [[rules]]
 id = "sumologic-access-token"
 description = "SumoLogic Access Token"
 regex = '''(?i)(?:sumo)(?:[0-9a-z\-_\t .]{0,20})(?:[\s|']|[\s|"]){0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=)(?:'|\"|\s|=|\x60){0,5}([a-z0-9]{64})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
 secretGroup = 1
+entropy = 3
 keywords = [
     "sumo",
 ]
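Review bot: The first two hunks of this file drop `entropy = 3.5` from the plaid-client-id and plaid-secret-key rules, although the commit is scoped to sumologic and changes no plaid rule source. If config/gitleaks.toml is regenerated from cmd/generate, this looks like a stale or uncommitted plaid change being carried along in the regeneration; removing the entropy floor widens what those two rules report, so it should be split into its own commit or reverted here. The sumologic hunk itself matches the Go change (prefix `su`, `entropy = 3`, the `sumOf` line allowlist).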