
_gitlab_session
babenek committed Oct 18, 2024
1 parent 84bb22e commit 09a0060
Showing 7 changed files with 140 additions and 30 deletions.
11 changes: 6 additions & 5 deletions credsweeper/rules/config.yaml
@@ -1102,23 +1102,24 @@
confidence: strong
type: pattern
values:
- (?<![0-9A-Za-z_-])(?P<value>(GR1348941|gl[a-z]{2,5}-)[0-9A-Za-z_-]{20,64})(?![0-9A-Za-z_-])
- (?<![0-9A-Za-z_-])(?P<value>(_gitlab_session=|GR1348941|gl(agent|soat|ffct|p[at]t|oas|cbt|imt|[dfr]t)-)[0-9A-Za-z_-]{20,64})(?![0-9A-Za-z_-])
filter_type:
- ValuePatternCheck
min_line_len: 25
required_substrings:
- _gitlab_session=
- GR1348941
- glagent-
- glsoat-
- glffct-
- glpat-
- gloas-
- glptt-
- glcbt-
- glimt-
- glft-
- gldt-
- glft-
- glrt-
- glsoat-
- glffct-
- glagent-
target:
- code
- doc
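Review bot: The `values` regex on the new line replaces the catch-all `gl[a-z]{2,5}-` with a closed alternation, so the same prefix set now lives in two places, the alternation and `required_substrings`, and, as far as I understand CredSweeper's matching, a prefix present in only one of them is never reported because `required_substrings` gates the regex. A comment above `values:` would make the coupling explicit, e.g. `# prefix alternation must stay in sync with required_substrings below; source: https://docs.gitlab.com/ee/security/tokens/#token-prefixes`. Note also that the `_gitlab_session=` alternative sits inside the `value` group, so the reported value, the `{20,64}` length bound and the entropy check all include the 16-character cookie name (the new fixtures show `value_end: 48` for a 32-character session id); that matches how the `gl…-` prefixes are handled, but a one-line comment would stop someone later tightening `{20,64}` to the bare cookie length.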
8 changes: 4 additions & 4 deletions tests/__init__.py
@@ -7,14 +7,14 @@
NEGLIGIBLE_ML_THRESHOLD = 0.0001

# credentials count after scan
SAMPLES_CRED_COUNT: int = 405
SAMPLES_CRED_LINE_COUNT: int = 423
SAMPLES_CRED_COUNT: int = 406
SAMPLES_CRED_LINE_COUNT: int = 424

# credentials count after post-processing
SAMPLES_POST_CRED_COUNT: int = 362
SAMPLES_POST_CRED_COUNT: int = 363

# with option --doc
SAMPLES_IN_DOC = 438
SAMPLES_IN_DOC = 439

# archived credentials that are not found without --depth
SAMPLES_IN_DEEP_1 = SAMPLES_POST_CRED_COUNT + 23
37 changes: 32 additions & 5 deletions tests/data/depth_3.json
@@ -7012,19 +7012,19 @@
"confidence": "strong",
"line_data_list": [
{
"line": "gloas-6f5f0a3b2813cf9bc0374cefb9ec8638fd21236abc3addf95c42063819543a5d # OAuth Application Secret",
"line": "gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc # OAuth Application Secret",
"line_num": 3,
"path": "./tests/samples/gitlab_prefix_token",
"info": "./tests/samples/gitlab_prefix_token|RAW",
"value": "gloas-6f5f0a3b2813cf9bc0374cefb9ec8638fd21236abc3addf95c42063819543a5d",
"value": "gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc",
"value_start": 0,
"value_end": 70,
"variable": null,
"variable_start": -2,
"variable_end": -2,
"entropy_validation": {
"iterator": "BASE36_CHARS",
"entropy": 4.057523931137451,
"entropy": 3.9590403170005795,
"valid": true
}
}
@@ -7255,10 +7255,37 @@
"confidence": "strong",
"line_data_list": [
{
"line": "glsoat-971om0ecn5A386r9k481 # SCIM Tokens",
"line": "_gitlab_session=8d2a78c080a3af1e6a4677be474432f2 # GitLab session cookies",
"line_num": 12,
"path": "./tests/samples/gitlab_prefix_token",
"info": "./tests/samples/gitlab_prefix_token|RAW",
"value": "_gitlab_session=8d2a78c080a3af1e6a4677be474432f2",
"value_start": 0,
"value_end": 48,
"variable": null,
"variable_start": -2,
"variable_end": -2,
"entropy_validation": {
"iterator": "BASE36_CHARS",
"entropy": 4.014460876028361,
"valid": true
}
}
]
},
{
"api_validation": "NOT_AVAILABLE",
"ml_validation": "NOT_AVAILABLE",
"ml_probability": null,
"rule": "Gitlab Prefix Token",
"severity": "high",
"confidence": "strong",
"line_data_list": [
{
"line": "glsoat-971om0ecn5A386r9k481 # SCIM Tokens",
"line_num": 13,
"path": "./tests/samples/gitlab_prefix_token",
"info": "./tests/samples/gitlab_prefix_token|RAW",
"value": "glsoat-971om0ecn5A386r9k481",
"value_start": 0,
"value_end": 27,
@@ -7283,7 +7310,7 @@
"line_data_list": [
{
"line": "glffct-AnRWYdo3Si_Xm2Q6n7zu # Feature Flags Client token",
"line_num": 13,
"line_num": 14,
"path": "./tests/samples/gitlab_prefix_token",
"info": "./tests/samples/gitlab_prefix_token|RAW",
"value": "glffct-AnRWYdo3Si_Xm2Q6n7zu",
37 changes: 32 additions & 5 deletions tests/data/doc.json
@@ -11249,19 +11249,19 @@
"confidence": "strong",
"line_data_list": [
{
"line": "gloas-6f5f0a3b2813cf9bc0374cefb9ec8638fd21236abc3addf95c42063819543a5d # OAuth Application Secret",
"line": "gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc # OAuth Application Secret",
"line_num": 3,
"path": "./tests/samples/gitlab_prefix_token",
"info": "./tests/samples/gitlab_prefix_token|RAW",
"value": "gloas-6f5f0a3b2813cf9bc0374cefb9ec8638fd21236abc3addf95c42063819543a5d",
"value": "gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc",
"value_start": 0,
"value_end": 70,
"variable": null,
"variable_start": -2,
"variable_end": -2,
"entropy_validation": {
"iterator": "BASE36_CHARS",
"entropy": 4.057523931137451,
"entropy": 3.9590403170005795,
"valid": true
}
}
@@ -11492,10 +11492,37 @@
"confidence": "strong",
"line_data_list": [
{
"line": "glsoat-971om0ecn5A386r9k481 # SCIM Tokens",
"line": "_gitlab_session=8d2a78c080a3af1e6a4677be474432f2 # GitLab session cookies",
"line_num": 12,
"path": "./tests/samples/gitlab_prefix_token",
"info": "./tests/samples/gitlab_prefix_token|RAW",
"value": "_gitlab_session=8d2a78c080a3af1e6a4677be474432f2",
"value_start": 0,
"value_end": 48,
"variable": null,
"variable_start": -2,
"variable_end": -2,
"entropy_validation": {
"iterator": "BASE36_CHARS",
"entropy": 4.014460876028361,
"valid": true
}
}
]
},
{
"api_validation": "NOT_AVAILABLE",
"ml_validation": "NOT_AVAILABLE",
"ml_probability": null,
"rule": "Gitlab Prefix Token",
"severity": "high",
"confidence": "strong",
"line_data_list": [
{
"line": "glsoat-971om0ecn5A386r9k481 # SCIM Tokens",
"line_num": 13,
"path": "./tests/samples/gitlab_prefix_token",
"info": "./tests/samples/gitlab_prefix_token|RAW",
"value": "glsoat-971om0ecn5A386r9k481",
"value_start": 0,
"value_end": 27,
@@ -11520,7 +11547,7 @@
"line_data_list": [
{
"line": "glffct-AnRWYdo3Si_Xm2Q6n7zu # Feature Flags Client token",
"line_num": 13,
"line_num": 14,
"path": "./tests/samples/gitlab_prefix_token",
"info": "./tests/samples/gitlab_prefix_token|RAW",
"value": "glffct-AnRWYdo3Si_Xm2Q6n7zu",
37 changes: 32 additions & 5 deletions tests/data/ml_threshold.json
@@ -7808,19 +7808,19 @@
"confidence": "strong",
"line_data_list": [
{
"line": "fa9d58cde66670f2215e4fd4c7c5279040ff0dd84e46f8f68b5c027b915d9d74",
"line": "92bc15279d58fb070bbd9d32d198b71888dc3f6107edfd8351e91d6a88afa2f6",
"line_num": 3,
"path": "./tests/samples/gitlab_prefix_token",
"info": "",
"value": "503d75f2b6d73c599928604cda709e02f2fbb2f42386b5b0d1426effd178cc9e",
"value": "201c2dfed2c6312e800fb94d6dce832d667d0efde915bfc6a6b24a9b624042cb",
"value_start": 0,
"value_end": 70,
"variable": null,
"variable_start": -2,
"variable_end": -2,
"entropy_validation": {
"iterator": "BASE36_CHARS",
"entropy": 4.057523931137451,
"entropy": 3.9590403170005795,
"valid": true
}
}
@@ -8051,10 +8051,37 @@
"confidence": "strong",
"line_data_list": [
{
"line": "71585eb38cc5c4bb176f92508d1a8d147f88456e8d6b2d892e5b710c1af2e456",
"line": "c738bdf6ce16f46b0ecf0135bbfff8c757a8be546aa01e1043529188b47ad71d",
"line_num": 12,
"path": "./tests/samples/gitlab_prefix_token",
"info": "",
"value": "45386552d02ccc74b4bd573ff2154a569d35c2b08bde6dbb8f26e5dbbfa1818e",
"value_start": 0,
"value_end": 48,
"variable": null,
"variable_start": -2,
"variable_end": -2,
"entropy_validation": {
"iterator": "BASE36_CHARS",
"entropy": 4.014460876028361,
"valid": true
}
}
]
},
{
"api_validation": "NOT_AVAILABLE",
"ml_validation": "NOT_AVAILABLE",
"ml_probability": null,
"rule": "Gitlab Prefix Token",
"severity": "high",
"confidence": "strong",
"line_data_list": [
{
"line": "71585eb38cc5c4bb176f92508d1a8d147f88456e8d6b2d892e5b710c1af2e456",
"line_num": 13,
"path": "./tests/samples/gitlab_prefix_token",
"info": "",
"value": "a3edeff131268f677ce6cfdd311b3c5590e648b742c50ffe9848c068f711e5bc",
"value_start": 0,
"value_end": 27,
@@ -8079,7 +8106,7 @@
"line_data_list": [
{
"line": "66fa11e9f0aba1cd41c8bdb6bee120250b3d2f01e0fe82a1fd7b5bfaec5ee35b",
"line_num": 13,
"line_num": 14,
"path": "./tests/samples/gitlab_prefix_token",
"info": "",
"value": "841024938b69b65818fbc8a340425933dbf0ef96cae799d9908797738e0ac61d",
37 changes: 32 additions & 5 deletions tests/data/output.json
@@ -6755,19 +6755,19 @@
"confidence": "strong",
"line_data_list": [
{
"line": "gloas-6f5f0a3b2813cf9bc0374cefb9ec8638fd21236abc3addf95c42063819543a5d # OAuth Application Secret",
"line": "gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc # OAuth Application Secret",
"line_num": 3,
"path": "./tests/samples/gitlab_prefix_token",
"info": "",
"value": "gloas-6f5f0a3b2813cf9bc0374cefb9ec8638fd21236abc3addf95c42063819543a5d",
"value": "gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc",
"value_start": 0,
"value_end": 70,
"variable": null,
"variable_start": -2,
"variable_end": -2,
"entropy_validation": {
"iterator": "BASE36_CHARS",
"entropy": 4.057523931137451,
"entropy": 3.9590403170005795,
"valid": true
}
}
@@ -6998,10 +6998,37 @@
"confidence": "strong",
"line_data_list": [
{
"line": "glsoat-971om0ecn5A386r9k481 # SCIM Tokens",
"line": "_gitlab_session=8d2a78c080a3af1e6a4677be474432f2 # GitLab session cookies",
"line_num": 12,
"path": "./tests/samples/gitlab_prefix_token",
"info": "",
"value": "_gitlab_session=8d2a78c080a3af1e6a4677be474432f2",
"value_start": 0,
"value_end": 48,
"variable": null,
"variable_start": -2,
"variable_end": -2,
"entropy_validation": {
"iterator": "BASE36_CHARS",
"entropy": 4.014460876028361,
"valid": true
}
}
]
},
{
"api_validation": "NOT_AVAILABLE",
"ml_validation": "NOT_AVAILABLE",
"ml_probability": null,
"rule": "Gitlab Prefix Token",
"severity": "high",
"confidence": "strong",
"line_data_list": [
{
"line": "glsoat-971om0ecn5A386r9k481 # SCIM Tokens",
"line_num": 13,
"path": "./tests/samples/gitlab_prefix_token",
"info": "",
"value": "glsoat-971om0ecn5A386r9k481",
"value_start": 0,
"value_end": 27,
@@ -7026,7 +7053,7 @@
"line_data_list": [
{
"line": "glffct-AnRWYdo3Si_Xm2Q6n7zu # Feature Flags Client token",
"line_num": 13,
"line_num": 14,
"path": "./tests/samples/gitlab_prefix_token",
"info": "",
"value": "glffct-AnRWYdo3Si_Xm2Q6n7zu",
3 changes: 2 additions & 1 deletion tests/samples/gitlab_prefix_token
@@ -1,6 +1,6 @@
https://docs.gitlab.com/ee/security/tokens/#token-prefixes
glpat-8d5ri2n9g85LAnC9YW85 # Personal access token, Impersonation token, Project access token, Group access token
gloas-6f5f0a3b2813cf9bc0374cefb9ec8638fd21236abc3addf95c42063819543a5d # OAuth Application Secret
gloas-7fc1974b38580e6ceca8c077863cd5e88745895dfcbe1ae3c36eab9c498103dc # OAuth Application Secret
gldt-9BeUoeWu2V9uUS3uLoMy # Deploy token
glrt-2CR8_eVxiio-1QmzPZwa # Runner authentication token
glcbt-1375_cgpAsnEmP-79kcfRLyK_
@@ -9,5 +9,6 @@ glptt-33276248c9748113e978392e5c074b7f974f8683 # Trigger token
glft-Aafqn5A31G-2VipZMh28 # Feed token
glimt-1jpqzsnw2n71om0r9kgt06os3 # Incoming mail token
glagent-ZQmgbRr-Ydu5YehnXCGiiSLxjd53EkFnYapS7A4TwyNE8Y2XVg # GitLab agent for Kubernetes token
_gitlab_session=8d2a78c080a3af1e6a4677be474432f2 # GitLab session cookies
glsoat-971om0ecn5A386r9k481 # SCIM Tokens
glffct-AnRWYdo3Si_Xm2Q6n7zu # Feature Flags Client token
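Review bot: The `gloas-` sample near the top of this file is swapped for a new value in the same commit that adds the session-cookie line, and the fixture updates in `tests/data/*.json` follow that swap, but neither the commit title nor anything in the diff says why the old value had to go. A sentence in the commit description, or a trailing comment on that line, explaining the replacement would spare the next reader from having to reconstruct the reason; the new `_gitlab_session=` line reads as a constructed 32-hex sample and needs no change.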
