credsweeper 1.11.0__py3-none-any.whl → 1.11.1__py3-none-any.whl

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of credsweeper might be problematic. Click here for more details.

Files changed (9) hide show
  1. credsweeper/__init__.py +1 -1
  2. credsweeper/deep_scanner/deep_scanner.py +5 -0
  3. credsweeper/deep_scanner/tmx_scanner.py +45 -0
  4. credsweeper/utils/util.py +16 -4
  5. {credsweeper-1.11.0.dist-info → credsweeper-1.11.1.dist-info}/METADATA +1 -1
  6. {credsweeper-1.11.0.dist-info → credsweeper-1.11.1.dist-info}/RECORD +9 -8
  7. {credsweeper-1.11.0.dist-info → credsweeper-1.11.1.dist-info}/WHEEL +0 -0
  8. {credsweeper-1.11.0.dist-info → credsweeper-1.11.1.dist-info}/entry_points.txt +0 -0
  9. {credsweeper-1.11.0.dist-info → credsweeper-1.11.1.dist-info}/licenses/LICENSE +0 -0
credsweeper/__init__.py CHANGED
@@ -18,4 +18,4 @@ __all__ = [
18
18
  '__version__'
19
19
  ]
20
20
 
21
- __version__ = "1.11.0"
21
+ __version__ = "1.11.1"
credsweeper/deep_scanner/deep_scanner.py CHANGED
@@ -28,6 +28,7 @@ from .pdf_scanner import PdfScanner
28
28
  from .pkcs12_scanner import Pkcs12Scanner
29
29
  from .pptx_scanner import PptxScanner
30
30
  from .tar_scanner import TarScanner
31
+ from .tmx_scanner import TmxScanner
31
32
  from .xlsx_scanner import XlsxScanner
32
33
  from .xml_scanner import XmlScanner
33
34
  from .zip_scanner import ZipScanner
@@ -126,6 +127,10 @@ class DeepScanner(
126
127
  deep_scanners.append(MxfileScanner)
127
128
  deep_scanners.append(XmlScanner)
128
129
  fallback_scanners.append(ByteScanner)
130
+ elif Util.is_tmx(data):
131
+ deep_scanners.append(TmxScanner)
132
+ fallback_scanners.append(XmlScanner)
133
+ fallback_scanners.append(ByteScanner)
129
134
  else:
130
135
  deep_scanners.append(XmlScanner)
131
136
  fallback_scanners.append(ByteScanner)
credsweeper/deep_scanner/tmx_scanner.py ADDED
@@ -0,0 +1,45 @@
1
+ import logging
2
+ from abc import ABC
3
+ from typing import List, Optional
4
+
5
+ from lxml import etree
6
+
7
+ from credsweeper.common.constants import MIN_DATA_LEN
8
+ from credsweeper.credentials import Candidate
9
+ from credsweeper.deep_scanner.abstract_scanner import AbstractScanner
10
+ from credsweeper.file_handler.data_content_provider import DataContentProvider
11
+ from credsweeper.file_handler.string_content_provider import StringContentProvider
12
+ from credsweeper.utils import Util
13
+
14
+ logger = logging.getLogger(__name__)
15
+
16
+
17
+ class TmxScanner(AbstractScanner, ABC):
18
+ """Realises tmX files scanning for values only. Image tags are skipped."""
19
+
20
+ def data_scan(
21
+ self, #
22
+ data_provider: DataContentProvider, #
23
+ depth: int, #
24
+ recursive_limit_size: int) -> Optional[List[Candidate]]:
25
+ """Tries to represent data as xml text and scan as text lines"""
26
+ try:
27
+ lines = []
28
+ # the format is always in single line xlm, so line numbers are not actual
29
+ tree = etree.fromstring(data_provider.data)
30
+ for element in tree.iter():
31
+ tag = Util.extract_element_data(element, "tag")
32
+ if "Image" in tag:
33
+ continue
34
+ text = Util.extract_element_data(element, "text")
35
+ if MIN_DATA_LEN > len(text):
36
+ continue
37
+ lines.append(text)
38
+ tmx_data_provider = StringContentProvider(lines=lines,
39
+ file_path=data_provider.file_path,
40
+ file_type=data_provider.file_type,
41
+ info=f"{data_provider.info}|TMX")
42
+ return self.scanner.scan(tmx_data_provider)
43
+ except Exception as exc:
44
+ logger.warning("Cannot processed tmX file %s %s", str(data_provider.file_path), str(exc))
45
+ return None
credsweeper/utils/util.py CHANGED
@@ -517,6 +517,18 @@ class Util:
517
517
  return True
518
518
  return False
519
519
 
520
+ @staticmethod
521
+ def is_tmx(data: Union[bytes, bytearray]) -> bool:
522
+ """Used to detect tm7,tm6,etc. (ThreadModeling) format."""
523
+ if isinstance(data, (bytes, bytearray)):
524
+ for opening_tag, closing_tag in [(b"<ThreatModel", b"</ThreatModel>"),
525
+ (b"<KnowledgeBase", b"</KnowledgeBase>")]:
526
+ opening_pos = data.find(opening_tag, 0, MAX_LINE_LENGTH)
527
+ if 0 <= opening_pos < data.find(closing_tag, opening_pos):
528
+ # opening and closing tags were found - suppose it is an HTML
529
+ return True
530
+ return False
531
+
520
532
  # A well-formed XML must start from < or a whitespace character
521
533
  XML_FIRST_BRACKET_PATTERN = re.compile(rb"^\s*<")
522
534
  XML_OPENING_TAG_PATTERN = re.compile(rb"<([0-9A-Za-z_]{1,256})")
@@ -583,14 +595,14 @@ class Util:
583
595
  line_nums = []
584
596
  tree = etree.fromstringlist(xml_lines)
585
597
  for element in tree.iter():
586
- tag = Util._extract_element_data(element, "tag")
587
- text = Util._extract_element_data(element, "text")
598
+ tag = Util.extract_element_data(element, "tag")
599
+ text = Util.extract_element_data(element, "text")
588
600
  lines.append(f"{tag} : {text}")
589
601
  line_nums.append(element.sourceline)
590
602
  return lines, line_nums
591
603
 
592
604
  @staticmethod
593
- def _extract_element_data(element, attr) -> str:
605
+ def extract_element_data(element: Any, attr: str) -> str:
594
606
  """Extract xml element data to string.
595
607
 
596
608
  Try to extract the xml data and strip() the string.
@@ -605,7 +617,7 @@ class Util:
605
617
  """
606
618
  element_attr: Any = getattr(element, attr)
607
619
  if element_attr is None or not isinstance(element_attr, str):
608
- return ""
620
+ return ''
609
621
  return str(element_attr).strip()
610
622
 
611
623
  @staticmethod
{credsweeper-1.11.0.dist-info → credsweeper-1.11.1.dist-info}/METADATA RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: credsweeper
3
- Version: 1.11.0
3
+ Version: 1.11.1
4
4
  Summary: Credential Sweeper
5
5
  Project-URL: Homepage, https://github.com/Samsung/CredSweeper
6
6
  Project-URL: Bug Tracker, https://github.com/Samsung/CredSweeper/issues
{credsweeper-1.11.0.dist-info → credsweeper-1.11.1.dist-info}/RECORD RENAMED
@@ -1,4 +1,4 @@
1
- credsweeper/__init__.py,sha256=QgMuMG73C_jpq7fXbkUOXA9CHYf87zF9458ytKtAUl0,632
1
+ credsweeper/__init__.py,sha256=DNgFBLOXoBUXL0IvKDJswX-CEJfApajSHSuJq_FhRtg,632
2
2
  credsweeper/__main__.py,sha256=jlI83ctJJfF0koMqP6u24JASC7MIPA2g1POx7aeuaQ8,17187
3
3
  credsweeper/app.py,sha256=sexUp4Qced22AhvbcVlb5C-QtJRoDmUp5qhc_nwj248,21369
4
4
  credsweeper/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
@@ -21,7 +21,7 @@ credsweeper/deep_scanner/__init__.py,sha256=Lp94BjQPZTgEa77E0v6xZaXZvQf2A-QTHsjq
21
21
  credsweeper/deep_scanner/abstract_scanner.py,sha256=RLwANH7C42GMdgq_uyMH895HCUwmZFfCOTmFTzO8ni0,1404
22
22
  credsweeper/deep_scanner/byte_scanner.py,sha256=oHeA8mGe995SHqWvONhTDBIE5j50TQASHA9Mv6LHYuQ,1125
23
23
  credsweeper/deep_scanner/bzip2_scanner.py,sha256=74RsjmeuffEuxmKl04lXIZt3q_Zvxj-gLHXACqVSU_o,1619
24
- credsweeper/deep_scanner/deep_scanner.py,sha256=lBfXRsALmI62WRNeo6QULLVSFfv9rP4aa_fOXNYZe_g,17035
24
+ credsweeper/deep_scanner/deep_scanner.py,sha256=l4fj7yuwCl6FWNB3UO4JmMAGEVrHSi-8OH8LIwsLTB4,17263
25
25
  credsweeper/deep_scanner/docx_scanner.py,sha256=t0vocPDY54KBjpmQBo53n5KvOISXkB-LlxFbfuRNLMA,4128
26
26
  credsweeper/deep_scanner/eml_scanner.py,sha256=iRLr2yvBWGktT2oXxl-haqnhJN3tglO1Mej10hFk0as,3512
27
27
  credsweeper/deep_scanner/encoder_scanner.py,sha256=qszql2a-lVuzVN_bNS2EsJ-Zxpqql52o1sJsLnpjX7M,1279
@@ -34,6 +34,7 @@ credsweeper/deep_scanner/pdf_scanner.py,sha256=LMyIoVJPNFOFnAfcZ5Akr7PTWSUBNPT6G
34
34
  credsweeper/deep_scanner/pkcs12_scanner.py,sha256=s6WyeLUHxqbMnM3t_eY6GUwn1Yyh_nyehprWM_HgomQ,2142
35
35
  credsweeper/deep_scanner/pptx_scanner.py,sha256=aMX6GgnUEShonHjlqhaI5w970b-2yxmKsld5kY1XdeQ,1828
36
36
  credsweeper/deep_scanner/tar_scanner.py,sha256=L3a9OUhQQweDNLVbe_LNLhldtVeU8DlS0Ux3ip_KN2w,2425
37
+ credsweeper/deep_scanner/tmx_scanner.py,sha256=6BsMysSSSJrxtssh4bf1e4vwpps7yXDDvByFkyLhC_o,1946
37
38
  credsweeper/deep_scanner/xlsx_scanner.py,sha256=Ck8j14OWy9LTXK0GBASCdPq9VhZe5ceUv0uZShFFpo8,2706
38
39
  credsweeper/deep_scanner/xml_scanner.py,sha256=Dc5vw8MhOQFppPSMMzJBANKTC1OIu_7UsuLAwPGYQ4c,1302
39
40
  credsweeper/deep_scanner/zip_scanner.py,sha256=rWNV43OV8FTpXGMkAlRCwnnaJ-WdiIpreI9FUpx7wb0,2431
@@ -144,9 +145,9 @@ credsweeper/utils/__init__.py,sha256=wPdTkrSBAkR3rppFZ68k6MiT_P7tIHuAb3AcwndJCWg
144
145
  credsweeper/utils/entropy_validator.py,sha256=711xCIBGAy-Pb6wqbMpEToa4dOYj5_CmkbKHygLeQrI,2796
145
146
  credsweeper/utils/hop_stat.py,sha256=0D7xB1CVAUhseOZWvLZXxn3MYHKZnfnFJ8hj7tONiyU,2978
146
147
  credsweeper/utils/pem_key_detector.py,sha256=Z1LJYm4WAqppF2ooj81-lbhrg2woiNKiMk8Nt4DV-G8,7721
147
- credsweeper/utils/util.py,sha256=koK8Sat8wjWHncOy0MQbnKRUrdxrJ77gt8U6spRG-oA,30451
148
- credsweeper-1.11.0.dist-info/METADATA,sha256=ntR_qdmXm2ZVenmDOzzlxcaf6lFGL8xOXHf1kNo3fsg,10504
149
- credsweeper-1.11.0.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
150
- credsweeper-1.11.0.dist-info/entry_points.txt,sha256=SLGNZshvi3zpWPhVmRP-oDXRMRPBS4tzRDy6xYOXwqA,58
151
- credsweeper-1.11.0.dist-info/licenses/LICENSE,sha256=aU7mGjBKbmRHNLVXXzcPdKmTtBxRwDPtjflQRfN7fFg,1065
152
- credsweeper-1.11.0.dist-info/RECORD,,
148
+ credsweeper/utils/util.py,sha256=p8Chj7VWJrAP8q_jQhssfm1xoiIN_iCN1uMViq-1JrA,31102
149
+ credsweeper-1.11.1.dist-info/METADATA,sha256=W39T66V_XQYHdIx91-XgGi48QJiiZN7CwGndeUN98FA,10504
150
+ credsweeper-1.11.1.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
151
+ credsweeper-1.11.1.dist-info/entry_points.txt,sha256=SLGNZshvi3zpWPhVmRP-oDXRMRPBS4tzRDy6xYOXwqA,58
152
+ credsweeper-1.11.1.dist-info/licenses/LICENSE,sha256=aU7mGjBKbmRHNLVXXzcPdKmTtBxRwDPtjflQRfN7fFg,1065
153
+ credsweeper-1.11.1.dist-info/RECORD,,