Home Verkennen Help
Inloggen
LBP
/
gitleaks
spiegel van https://github.com/gitleaks/gitleaks.git
4
0
Vork 0
Bestanden Issues 0 Wiki
Boom: db63fc1bf4
Aftakkingen Labels
gitleaks
/
cmd
/
generate
/
config
/
rules
/
telegram.go

telegram.go 4.2 KB
Geschiedenis Ruwe

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384 
  1. package rules
    2. 

  2. 

  3. import (
    4. 

  4. 	"fmt"
    5. 

  5. 

  6. 	"regexp"
    7. 

  7. 

  8. 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
    9. 

  9. 	"github.com/zricethezav/gitleaks/v8/config"
    10. 

  10. )
    11. 

  11. 

  12. func TelegramBotToken() *config.Rule {
    13. 

  13. 	// define rule
    14. 

  14. 	r := config.Rule{
    15. 

  15. 		Description: "Detected a Telegram Bot API Token, risking unauthorized bot operations and message interception on Telegram.",
    16. 

  16. 		RuleID:      "telegram-bot-api-token",
    17. 

  17. 

  18. 		Regex: regexp.MustCompile(`(?i:(?:telegr)(?:[0-9a-z\(-_\t .\\]{0,40})(?:[\s|']|[\s|"]){0,3})(?:=|\|\|:|<=|=>|:|\?=|\()(?:'|\"|\s|=|\x60){0,5}([0-9]{5,16}:A[a-z0-9_\-]{34})(?:['|\"|\n|\r|\s|\x60|;|\\]|$)`),
    19. 

  19. 		Keywords: []string{
    20. 

  20. 			"telegr",
    21. 

  21. 		},
    22. 

  22. 	}
    23. 

  23. 	fmt.Println("r: ", r.Regex.String())
    24. 

  24. 

  25. 	// https://regex101.com/r/7fFAhS/1
    26. 

  26. 	// validate
    27. 

  27. 	var (
    28. 

  28. 		validToken = secrets.NewSecret(numeric("8") + ":A" + alphaNumericExtendedShort("34"))
    29. 

  29. 		minToken   = secrets.NewSecret(numeric("5") + ":A" + alphaNumericExtendedShort("34"))
    30. 

  30. 		maxToken   = secrets.NewSecret(numeric("16") + ":A" + alphaNumericExtendedShort("34"))
    31. 

  31. 		// xsdWithToken = secrets.NewSecret(`<xsd:element name="AgencyIdentificationCode" type="` + numeric("5") + `:A` + alphaNumericExtendedShort("34") + `"/>`)
    32. 

  32. 	)
    33. 

  33. 	tps := []string{
    34. 

  34. 		// variable assignment
    35. 

  35. 		generateSampleSecret("telegram", validToken),
    36. 

  36. 		// URL containing token TODO add another url based rule
    37. 

  37. 		// generateSampleSecret("url", "https://api.telegram.org/bot"+validToken+"/sendMessage"),
    38. 

  38. 		// object constructor
    39. 

  39. 		`const bot = new Telegraf("` + validToken + `")`,
    40. 

  40. 		// .env
    41. 

  41. 		`TELEGRAM_API_TOKEN = ` + validToken,
    42. 

  42. 		// YAML
    43. 

  43. 		`telegram bot: ` + validToken,
    44. 

  44. 		// Token with min bot_id
    45. 

  45. 		generateSampleSecret("telegram", minToken),
    46. 

  46. 		// Token with max bot_id
    47. 

  47. 		generateSampleSecret("telegram", maxToken),
    48. 

  48. 		// Valid token in XSD document TODO separate rule for this
    49. 

  49. 		// generateSampleSecret("telegram", xsdWithToken),
    50. 

  50. 	}
    51. 

  51. 

  52. 	var (
    53. 

  53. 		tooSmallToken                = secrets.NewSecret(numeric("4") + ":A" + alphaNumericExtendedShort("34"))
    54. 

  54. 		tooBigToken                  = secrets.NewSecret(numeric("17") + ":A" + alphaNumericExtendedShort("34"))
    55. 

  55. 		xsdAgencyIdentificationCode1 = secrets.NewSecret(`<xsd:element name="AgencyIdentificationCode" type="clm`+numeric("5")+":AgencyIdentificationCodeContentType") + `"/>`
    56. 

  56. 		xsdAgencyIdentificationCode2 = secrets.NewSecret(`token:"clm` + numeric("5") + `:AgencyIdentificationCodeContentType"`)
    57. 

  57. 		xsdAgencyIdentificationCode3 = secrets.NewSecret(`<xsd:element name="AgencyIdentificationCode" type="clm` + numeric("8") + `:AgencyIdentificationCodeContentType"/>`)
    58. 

  58. 		prefixedToken1               = secrets.NewSecret(`telegram_api_token = \"` + numeric("8") + `:Ahello` + alphaNumericExtendedShort("34") + `\"`)
    59. 

  59. 		prefixedToken2               = secrets.NewSecret(`telegram_api_token = \"` + numeric("8") + `:A-some-other-thing-` + alphaNumericExtendedShort("34") + `\"`)
    60. 

  60. 		prefixedToken3               = secrets.NewSecret(`telegram_api_token = \"` + numeric("8") + `:A_` + alphaNumericExtendedShort("34") + `\"`)
    61. 

  61. 		suffixedToken1               = secrets.NewSecret(`telegram_api_token = \"` + numeric("8") + `:A` + alphaNumericExtendedShort("34") + `hello\"`)
    62. 

  62. 		suffixedToken2               = secrets.NewSecret(`telegram_api_token = \"` + numeric("8") + `:A` + alphaNumericExtendedShort("34") + `-some-other-thing\"`)
    63. 

  63. 		suffixedToken3               = secrets.NewSecret(`telegram_api_token = \"` + numeric("8") + `:A_` + alphaNumericExtendedShort("34") + `_\"`)
    64. 

  64. 	)
    65. 

  65. 	fps := []string{
    66. 

  66. 		// Token with too small bot_id
    67. 

  67. 		generateSampleSecret("telegram", tooSmallToken),
    68. 

  68. 		// Token with too big bot_id
    69. 

  69. 		generateSampleSecret("telegram", tooBigToken),
    70. 

  70. 		// XSD file containing the string AgencyIdentificationCodeContentType
    71. 

  71. 		generateSampleSecret("telegram", xsdAgencyIdentificationCode1),
    72. 

  72. 		generateSampleSecret("telegram", xsdAgencyIdentificationCode2),
    73. 

  73. 		generateSampleSecret("telegram", xsdAgencyIdentificationCode3),
    74. 

  74. 		// Prefix and suffix variations that shouldn't match
    75. 

  75. 		generateSampleSecret("telegram", prefixedToken1),
    76. 

  76. 		generateSampleSecret("telegram", prefixedToken2),
    77. 

  77. 		generateSampleSecret("telegram", prefixedToken3),
    78. 

  78. 		generateSampleSecret("telegram", suffixedToken1),
    79. 

  79. 		generateSampleSecret("telegram", suffixedToken2),
    80. 

  80. 		generateSampleSecret("telegram", suffixedToken3),
    81. 

  81. 	}
    82. 

  82. 

  83. 	return validate(r, tps, fps)
    84. 

  84. }
    85.