Startseite Erkunden Hilfe
Anmelden
LBP
/
gitleaks
Mirror von https://github.com/gitleaks/gitleaks.git
4
0
Fork 0
Dateien Issues 0 Wiki
Branch: master
Branches Tags
gitleaks
/
cmd
/
generate
/
config
/
rules
/
atlassian.go

atlassian.go 1.6 KB
Permalink Verlauf Originalformat

123456789101112131415161718192021222324252627282930313233343536 
  1. package rules
    2. 

  2. 

  3. import (
    4. 

  4. 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
    5. 

  5. 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
    6. 

  6. 	"github.com/zricethezav/gitleaks/v8/config"
    7. 

  7. )
    8. 

  8. 

  9. func Atlassian() *config.Rule {
    10. 

  10. 	// define rule
    11. 

  11. 	r := config.Rule{
    12. 

  12. 		Description: "Detected an Atlassian API token, posing a threat to project management and collaboration tool security and data confidentiality.",
    13. 

  13. 		RuleID:      "atlassian-api-token",
    14. 

  14. 		Regex: utils.MergeRegexps(
    15. 

  15. 			utils.GenerateSemiGenericRegex(
    16. 

  16. 				[]string{"(?-i:ATLASSIAN|[Aa]tlassian)", "(?-i:CONFLUENCE|[Cc]onfluence)", "(?-i:JIRA|[Jj]ira)"},
    17. 

  17. 				`[a-z0-9]{20}[a-f0-9]{4}`, // The last 4 characters are an MD5 hash.
    18. 

  18. 				true,
    19. 

  19. 			),
    20. 

  20. 			utils.GenerateUniqueTokenRegex(`ATATT3[A-Za-z0-9_\-=]{186}`, false),
    21. 

  21. 		),
    22. 

  22. 		Entropy:  3.5,
    23. 

  23. 		Keywords: []string{"atlassian", "confluence", "jira", "atatt3"},
    24. 

  24. 	}
    25. 

  25. 

  26. 	// validate
    27. 

  27. 	tps := utils.GenerateSampleSecrets("atlassian", secrets.NewSecret(utils.AlphaNumeric("20")+"[a-f0-9]{4}"))
    28. 

  28. 	tps = append(tps, utils.GenerateSampleSecrets("confluence", secrets.NewSecret(utils.AlphaNumeric("20")+"[a-f0-9]{4}"))...)
    29. 

  29. 	tps = append(tps, utils.GenerateSampleSecrets("jira", secrets.NewSecret(utils.AlphaNumeric("20")+"[a-f0-9]{4}"))...)
    30. 

  30. 	tps = append(tps, `JIRA_API_TOKEN=HXe8DGg1iJd2AopzyxkFB7F2`)
    31. 

  31. 	tps = append(tps, utils.GenerateSampleSecrets("jira", "ATATT3xFfGF0K3irG5tKKi-6u-wwaXQFeGwZ-IHR-hQ3CulkKtMSuteRQFfLZ6jihHThzZCg_UjnDt-4Wl_gIRf4zrZJs5JqaeuBhsfJ4W5GD6yGg3W7903gbvaxZPBjxIQQ7BgFDSkPS8oPispw4KLz56mdK-G6CIvLO6hHRrZHY0Q3tvJ6JxE=C63992E6")...)
    32. 

  32. 

  33. 	fps := []string{"getPagesInConfluenceSpace,searchConfluenceUsingCql"}
    34. 

  34. 

  35. 	return utils.Validate(r, tps, fps)
    36. 

  36. }
    37.