1 年之前 · e977850ab4
--- a/cmd/generate/config/main.go
+++ b/cmd/generate/config/main.go
@@ -147,6 +147,7 @@ func main() {
 
				 		rules.MailGunSigningKey(),
			
 
				 		rules.MapBox(),
			
 
				 		rules.MattermostAccessToken(),
			
 
				+		rules.Meraki(),
			
 
				 		rules.MessageBirdAPIToken(),
			
 
				 		rules.MessageBirdClientID(),
			
 
				 		rules.NetlifyAccessToken(),
			
--- a/cmd/generate/config/rules/meraki.go
+++ b/cmd/generate/config/rules/meraki.go
@@ -0,0 +1,29 @@
 
				+package rules
			
 
				+
			
 
				+import (
			
 
				+	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
			
 
				+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
			
 
				+	"github.com/zricethezav/gitleaks/v8/config"
			
 
				+)
			
 
				+
			
 
				+func Meraki() *config.Rule {
			
 
				+	// define rule
			
 
				+	r := config.Rule{
			
 
				+		RuleID:      "cisco-meraki-api-key",
			
 
				+		Description: "Cisco Meraki is a cloud-managed IT solution that provides networking, security, and device management through an easy-to-use interface.",
			
 
				+		Regex: utils.GenerateSemiGenericRegex([]string{"meraki"},
			
 
				+			`[0-9a-f]{40}`, false),
			
 
				+		Entropy:  3,
			
 
				+		Keywords: []string{"meraki"},
			
 
				+	}
			
 
				+
			
 
				+	// validate
			
 
				+	tps := utils.GenerateSampleSecrets("meraki", secrets.NewSecret(utils.Hex("40")))
			
 
				+	fps := []string{
			
 
				+		`meraki: aaaaaaaaaa1111111111bbbbbbbbbb2222222222`,                                   // low entropy
			
 
				+		`meraki-api-key: acdeFf05b1a6d4c890237bf08c5e6e8d2b4d0f2e`,                           // invalid case
			
 
				+		`meraki: abdefghjk0123456789mnopqrstuvwx12345678`,                                    // invalid character
			
 
				+		`meraki_token = 5cb4a5f04cd412fe946667b17f0129ba17aeb2e0c7b5b7264efcebf7d022bfe2R21`, // invalid length
			
 
				+	}
			
 
				+	return utils.Validate(r, tps, fps)
			
 
				+}
			
--- a/config/gitleaks.toml
+++ b/config/gitleaks.toml
@@ -203,6 +203,13 @@ description = "Detected a Bittrex Secret Key, potentially compromising cryptocur
 
				 regex = '''(?i)[\w.-]{0,50}?(?:bittrex)(?:[ \t\w.-]{0,20})[\s'"|]{0,3}(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)[\x60'"\s=]{0,5}([a-z0-9]{32})(?:[\x60'"\s;]|$)'''
			
 
				 keywords = ["bittrex"]
			
 
				 
			
 
				+[[rules]]
			
 
				+id = "cisco-meraki-api-key"
			
 
				+description = "Cisco Meraki is a cloud-managed IT solution that provides networking, security, and device management through an easy-to-use interface."
			
 
				+regex = '''[\w.-]{0,50}?(?i:[\w.-]{0,50}?(?:meraki)(?:[ \t\w.-]{0,20})[\s'"|]{0,3})(?:=|>|:{1,3}=|\|\|:|<=|=>|:|\?=|,)[`'"\s=]{0,5}([0-9a-f]{40})(?:[`'"\s;]|$)'''
			
 
				+entropy = 3
			
 
				+keywords = ["meraki"]
			
 
				+
			
 
				 [[rules]]
			
 
				 id = "clojars-api-token"
			
 
				 description = "Uncovered a possible Clojars API token, risking unauthorized access to Clojure libraries and potential code manipulation."