Inicio Explorar Ayuda
Iniciar sesión
LBP
/
gitleaks
espejo de https://github.com/gitleaks/gitleaks.git
4
0
Fork 0
Archivos Incidencias 0 Wiki
Rama: master
Ramas Etiquetas
gitleaks
/
cmd
/
generate
/
config
/
rules
/
clickhouse.go

clickhouse.go 1.1 KB
Permalink Histórico Raw

123456789101112131415161718192021222324252627282930 
  1. package rules
    2. 

  2. 

  3. import (
    4. 

  4. 	"github.com/zricethezav/gitleaks/v8/cmd/generate/config/utils"
    5. 

  5. 	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
    6. 

  6. 	"github.com/zricethezav/gitleaks/v8/config"
    7. 

  7. 	"github.com/zricethezav/gitleaks/v8/regexp"
    8. 

  8. )
    9. 

  9. 

  10. func ClickHouseCloud() *config.Rule {
    11. 

  11. 	// define rule
    12. 

  12. 	r := config.Rule{
    13. 

  13. 		RuleID:      "clickhouse-cloud-api-secret-key",
    14. 

  14. 		Description: "Identified a pattern that may indicate clickhouse cloud API secret key, risking unauthorized clickhouse cloud api access and data breaches on ClickHouse Cloud platforms.",
    15. 

  15. 		Regex:       regexp.MustCompile(`\b(4b1d[A-Za-z0-9]{38})\b`),
    16. 

  16. 		Entropy:     3,
    17. 

  17. 		Keywords: []string{
    18. 

  18. 			"4b1d", // Prefix
    19. 

  19. 		},
    20. 

  20. 	}
    21. 

  21. 

  22. 	// validate
    23. 

  23. 	tps := utils.GenerateSampleSecrets("ClickHouse", "4b1dbRdW3rOcB7xLthrM4BTBGK1qPLkHigpN1bXD6z")
    24. 

  24. 	tps = append(tps, utils.GenerateSampleSecrets("ClickHouse", "4b1d"+secrets.NewSecret("[A-Za-z0-9]{38}"))...)
    25. 

  25. 	fps := []string{
    26. 

  26. 		`key = 4b1dXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX`,    // Low entropy
    27. 

  27. 		`key = adf4b1dbRdW3rOcB7xLthrM4BTBGK1qPLkHigpN1bXD6z`, // Not start of a word
    28. 

  28. 	}
    29. 

  29. 	return utils.Validate(r, tps, fps)
    30. 

  30. }
    31.