credsweeper 1.11.0__py3-none-any.whl → 1.11.2__py3-none-any.whl
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Potentially problematic release.
This version of credsweeper might be problematic. Click here for more details.
- credsweeper/__init__.py +1 -1
- credsweeper/common/keyword_pattern.py +17 -9
- credsweeper/deep_scanner/deep_scanner.py +5 -0
- credsweeper/deep_scanner/tmx_scanner.py +45 -0
- credsweeper/filters/__init__.py +0 -1
- credsweeper/filters/group/group.py +3 -4
- credsweeper/filters/group/url_credentials_group.py +2 -3
- credsweeper/filters/value_allowlist_check.py +6 -7
- credsweeper/rules/config.yaml +2 -2
- credsweeper/utils/util.py +16 -4
- {credsweeper-1.11.0.dist-info → credsweeper-1.11.2.dist-info}/METADATA +1 -1
- {credsweeper-1.11.0.dist-info → credsweeper-1.11.2.dist-info}/RECORD +15 -15
- credsweeper/filters/value_first_word_check.py +0 -38
- {credsweeper-1.11.0.dist-info → credsweeper-1.11.2.dist-info}/WHEEL +0 -0
- {credsweeper-1.11.0.dist-info → credsweeper-1.11.2.dist-info}/entry_points.txt +0 -0
- {credsweeper-1.11.0.dist-info → credsweeper-1.11.2.dist-info}/licenses/LICENSE +0 -0
credsweeper/__init__.py
CHANGED
|
@@ -8,20 +8,20 @@ class KeywordPattern:
|
|
|
8
8
|
r"(?P<keyword>"
|
|
9
9
|
# there will be inserted a keyword
|
|
10
10
|
key_right = r")" \
|
|
11
|
-
r"[^%:='\"`<>{
|
|
11
|
+
r"[^%:='\"`<>{?!&;\n]*" \
|
|
12
12
|
r")" \
|
|
13
13
|
r"(&(quot|apos);|%[0-9a-f]{2}|[`'\"])*" \
|
|
14
14
|
r")" # <variable>
|
|
15
15
|
separator = r"(\s|\\{1,8}[tnr])*\]?(\s|\\{1,8}[tnr])*" \
|
|
16
|
-
r"(?P<separator>:(\s[a-z]{3,9}[?]?\s)
|
|
16
|
+
r"(?P<separator>:(\s[a-z]{3,9}[?]?\s)?=|:(?!:)|=(>|>|(\\\\*u00|%)26gt;)|!==|!=|===|==|=|%3d)" \
|
|
17
17
|
r"(\s|\\{1,8}[tnr])*"
|
|
18
18
|
# might be curly, square or parenthesis with words before
|
|
19
19
|
wrap = r"(?P<wrap>(" \
|
|
20
|
-
r"(new(\s|\\{1,8}[tnr]){1,8})?" \
|
|
21
|
-
r"([0-9a-z_.]
|
|
20
|
+
r"(new(\s|\\{1,8}[tnr]|byte|char|string|\[\]){1,8})?" \
|
|
21
|
+
r"([0-9a-z_.]|::|-(>|>))*" \
|
|
22
22
|
r"[\[\(\{]" \
|
|
23
23
|
r"(\s|\\{1,8}[tnr])*" \
|
|
24
|
-
r"([0-9a-z_]{1,32}
|
|
24
|
+
r"([0-9a-z_]{1,32}[:=]\s*)?" \
|
|
25
25
|
r"){1,8})?"
|
|
26
26
|
string_prefix = r"(((b|r|br|rb|u|f|rf|fr|l|@)(?=(\\*[`'\"])))?"
|
|
27
27
|
left_quote = r"(?P<value_leftquote>((?P<esq>\\{1,8})?([`'\"]|&(quot|apos);)){1,4}))?"
|
|
@@ -39,14 +39,22 @@ class KeywordPattern:
|
|
|
39
39
|
r"(?P<url_esc>%[0-9a-f]{2})" \
|
|
40
40
|
r"|" \
|
|
41
41
|
r"(?(url_esc)[^\s`'\",;\\&]|[^\s`'\",;\\])" \
|
|
42
|
-
r")
|
|
43
|
-
r"
|
|
44
|
-
r"|
|
|
42
|
+
r")"\
|
|
43
|
+
r"){4,8000}" \
|
|
44
|
+
r"|" \
|
|
45
|
+
r"(<[^>]{4,8000}>)" \
|
|
46
|
+
r"|" \
|
|
47
|
+
r"(\$?\({1,3}[^)]{4,8000}\){1,3})" \
|
|
48
|
+
r"|" \
|
|
49
|
+
r"(\$?\{{1,3}[^}]{4,8000}\}{1,3})" \
|
|
50
|
+
r"|" \
|
|
51
|
+
r"(?(wrap)(?(value_leftquote)(?!\\(?P=value_leftquote))|[^\]\)\}]){16,8000})"\
|
|
45
52
|
r")" # <value>
|
|
46
53
|
right_quote = r"(?(value_leftquote)" \
|
|
47
54
|
r"(?P<value_rightquote>(?<!\\)(?P=value_leftquote)|\\$|(?<=[0-9a-z+_/-])$)" \
|
|
48
55
|
r"|" \
|
|
49
|
-
r"(?(wrap)
|
|
56
|
+
r"(?(wrap)(\]|\)|\}|,|;|\\|$))" \
|
|
57
|
+
r")"
|
|
50
58
|
|
|
51
59
|
@classmethod
|
|
52
60
|
def get_keyword_pattern(cls, keyword: str) -> re.Pattern:
|
|
@@ -28,6 +28,7 @@ from .pdf_scanner import PdfScanner
|
|
|
28
28
|
from .pkcs12_scanner import Pkcs12Scanner
|
|
29
29
|
from .pptx_scanner import PptxScanner
|
|
30
30
|
from .tar_scanner import TarScanner
|
|
31
|
+
from .tmx_scanner import TmxScanner
|
|
31
32
|
from .xlsx_scanner import XlsxScanner
|
|
32
33
|
from .xml_scanner import XmlScanner
|
|
33
34
|
from .zip_scanner import ZipScanner
|
|
@@ -126,6 +127,10 @@ class DeepScanner(
|
|
|
126
127
|
deep_scanners.append(MxfileScanner)
|
|
127
128
|
deep_scanners.append(XmlScanner)
|
|
128
129
|
fallback_scanners.append(ByteScanner)
|
|
130
|
+
elif Util.is_tmx(data):
|
|
131
|
+
deep_scanners.append(TmxScanner)
|
|
132
|
+
fallback_scanners.append(XmlScanner)
|
|
133
|
+
fallback_scanners.append(ByteScanner)
|
|
129
134
|
else:
|
|
130
135
|
deep_scanners.append(XmlScanner)
|
|
131
136
|
fallback_scanners.append(ByteScanner)
|
|
@@ -0,0 +1,45 @@
|
|
|
1
|
+
import logging
|
|
2
|
+
from abc import ABC
|
|
3
|
+
from typing import List, Optional
|
|
4
|
+
|
|
5
|
+
from lxml import etree
|
|
6
|
+
|
|
7
|
+
from credsweeper.common.constants import MIN_DATA_LEN
|
|
8
|
+
from credsweeper.credentials import Candidate
|
|
9
|
+
from credsweeper.deep_scanner.abstract_scanner import AbstractScanner
|
|
10
|
+
from credsweeper.file_handler.data_content_provider import DataContentProvider
|
|
11
|
+
from credsweeper.file_handler.string_content_provider import StringContentProvider
|
|
12
|
+
from credsweeper.utils import Util
|
|
13
|
+
|
|
14
|
+
logger = logging.getLogger(__name__)
|
|
15
|
+
|
|
16
|
+
|
|
17
|
+
class TmxScanner(AbstractScanner, ABC):
|
|
18
|
+
"""Realises tmX files scanning for values only. Image tags are skipped."""
|
|
19
|
+
|
|
20
|
+
def data_scan(
|
|
21
|
+
self, #
|
|
22
|
+
data_provider: DataContentProvider, #
|
|
23
|
+
depth: int, #
|
|
24
|
+
recursive_limit_size: int) -> Optional[List[Candidate]]:
|
|
25
|
+
"""Tries to represent data as xml text and scan as text lines"""
|
|
26
|
+
try:
|
|
27
|
+
lines = []
|
|
28
|
+
# the format is always in single line xlm, so line numbers are not actual
|
|
29
|
+
tree = etree.fromstring(data_provider.data)
|
|
30
|
+
for element in tree.iter():
|
|
31
|
+
tag = Util.extract_element_data(element, "tag")
|
|
32
|
+
if "Image" in tag:
|
|
33
|
+
continue
|
|
34
|
+
text = Util.extract_element_data(element, "text")
|
|
35
|
+
if MIN_DATA_LEN > len(text):
|
|
36
|
+
continue
|
|
37
|
+
lines.append(text)
|
|
38
|
+
tmx_data_provider = StringContentProvider(lines=lines,
|
|
39
|
+
file_path=data_provider.file_path,
|
|
40
|
+
file_type=data_provider.file_type,
|
|
41
|
+
info=f"{data_provider.info}|TMX")
|
|
42
|
+
return self.scanner.scan(tmx_data_provider)
|
|
43
|
+
except Exception as exc:
|
|
44
|
+
logger.warning("Cannot processed tmX file %s %s", str(data_provider.file_path), str(exc))
|
|
45
|
+
return None
|
credsweeper/filters/__init__.py
CHANGED
|
@@ -22,7 +22,6 @@ from credsweeper.filters.value_entropy_base32_check import ValueEntropyBase32Che
|
|
|
22
22
|
from credsweeper.filters.value_entropy_base36_check import ValueEntropyBase36Check
|
|
23
23
|
from credsweeper.filters.value_entropy_base64_check import ValueEntropyBase64Check
|
|
24
24
|
from credsweeper.filters.value_file_path_check import ValueFilePathCheck
|
|
25
|
-
from credsweeper.filters.value_first_word_check import ValueFirstWordCheck
|
|
26
25
|
from credsweeper.filters.value_github_check import ValueGitHubCheck
|
|
27
26
|
from credsweeper.filters.value_grafana_check import ValueGrafanaCheck
|
|
28
27
|
from credsweeper.filters.value_grafana_service_check import ValueGrafanaServiceCheck
|
|
@@ -4,9 +4,9 @@ from typing import List
|
|
|
4
4
|
from credsweeper.common.constants import GroupType
|
|
5
5
|
from credsweeper.config import Config
|
|
6
6
|
from credsweeper.filters import (Filter, LineSpecificKeyCheck, ValueAllowlistCheck, ValueArrayDictionaryCheck,
|
|
7
|
-
ValueBlocklistCheck, ValueCamelCaseCheck, ValueFilePathCheck,
|
|
8
|
-
|
|
9
|
-
|
|
7
|
+
ValueBlocklistCheck, ValueCamelCaseCheck, ValueFilePathCheck, ValueLastWordCheck,
|
|
8
|
+
ValueMethodCheck, ValueNotAllowedPatternCheck, ValuePatternCheck, ValueSimilarityCheck,
|
|
9
|
+
ValueStringTypeCheck, ValueTokenCheck, ValueHexNumberCheck)
|
|
10
10
|
|
|
11
11
|
|
|
12
12
|
class Group(ABC):
|
|
@@ -39,7 +39,6 @@ class Group(ABC):
|
|
|
39
39
|
ValueBlocklistCheck(),
|
|
40
40
|
ValueCamelCaseCheck(),
|
|
41
41
|
ValueFilePathCheck(),
|
|
42
|
-
ValueFirstWordCheck(),
|
|
43
42
|
ValueHexNumberCheck(),
|
|
44
43
|
ValueLastWordCheck(),
|
|
45
44
|
ValueMethodCheck(),
|
|
@@ -2,8 +2,8 @@ from credsweeper.common.constants import GroupType
|
|
|
2
2
|
from credsweeper.config import Config
|
|
3
3
|
from credsweeper.filters import (ValueAllowlistCheck, ValueArrayDictionaryCheck, ValueBlocklistCheck,
|
|
4
4
|
ValueCamelCaseCheck, ValueDictionaryValueLengthCheck, ValueFilePathCheck,
|
|
5
|
-
|
|
6
|
-
|
|
5
|
+
ValueLastWordCheck, ValueMethodCheck, ValueNotAllowedPatternCheck, ValuePatternCheck,
|
|
6
|
+
ValueStringTypeCheck, ValueTokenCheck)
|
|
7
7
|
from credsweeper.filters.group import Group
|
|
8
8
|
|
|
9
9
|
|
|
@@ -23,7 +23,6 @@ class UrlCredentialsGroup(Group):
|
|
|
23
23
|
ValueBlocklistCheck(),
|
|
24
24
|
ValueCamelCaseCheck(),
|
|
25
25
|
ValueFilePathCheck(),
|
|
26
|
-
ValueFirstWordCheck(),
|
|
27
26
|
ValueLastWordCheck(),
|
|
28
27
|
ValueMethodCheck(),
|
|
29
28
|
ValueStringTypeCheck(config),
|
|
@@ -25,6 +25,7 @@ class ValueAllowlistCheck(Filter):
|
|
|
25
25
|
|
|
26
26
|
ALLOWED_QUOTED = [
|
|
27
27
|
r"\$[a-z_]+[0-9a-z_]*([$\s]|$)", #
|
|
28
|
+
r"\$\([^)]+\)", #
|
|
28
29
|
r".*\*\*\*", #
|
|
29
30
|
]
|
|
30
31
|
|
|
@@ -33,6 +34,7 @@ class ValueAllowlistCheck(Filter):
|
|
|
33
34
|
ALLOWED_UNQUOTED = [
|
|
34
35
|
r"[~a-z0-9_]+((\.|->)[a-z0-9_]+)+\(.*$", #
|
|
35
36
|
r"\$[a-z_]+[0-9a-z_]*\b", #
|
|
37
|
+
r"\$\([.0-9a-z_-]+", #
|
|
36
38
|
r".*\*\*\*\*\*", #
|
|
37
39
|
]
|
|
38
40
|
|
|
@@ -52,14 +54,11 @@ class ValueAllowlistCheck(Filter):
|
|
|
52
54
|
True, if need to filter candidate and False if left
|
|
53
55
|
|
|
54
56
|
"""
|
|
55
|
-
|
|
56
|
-
|
|
57
|
-
return True
|
|
58
|
-
elif line_data.is_well_quoted_value:
|
|
59
|
-
if self.ALLOWED_QUOTED_PATTERN.match(line_data.value):
|
|
57
|
+
if line_data.is_well_quoted_value:
|
|
58
|
+
if self.ALLOWED_PATTERN.match(line_data.value) or self.ALLOWED_QUOTED_PATTERN.match(line_data.value):
|
|
60
59
|
return True
|
|
61
60
|
else:
|
|
62
|
-
|
|
61
|
+
value = line_data.wrap + line_data.value if line_data.wrap else line_data.value
|
|
62
|
+
if self.ALLOWED_PATTERN.match(value) or self.ALLOWED_UNQUOTED_PATTERN.match(value):
|
|
63
63
|
return True
|
|
64
|
-
|
|
65
64
|
return False
|
credsweeper/rules/config.yaml
CHANGED
|
@@ -448,7 +448,7 @@
|
|
|
448
448
|
confidence: moderate
|
|
449
449
|
type: keyword
|
|
450
450
|
values:
|
|
451
|
-
- (?<!by)pass(?!ed|ing|es|\s+[a-z]{3,80})|pw(d|\b)
|
|
451
|
+
- (?<!by)pass(?!ed|ing|es|age|\s+[a-z]{3,80})|pw(d|\b)
|
|
452
452
|
filter_type: PasswordKeyword
|
|
453
453
|
use_ml: true
|
|
454
454
|
min_line_len: 10
|
|
@@ -890,7 +890,7 @@
|
|
|
890
890
|
confidence: moderate
|
|
891
891
|
type: keyword
|
|
892
892
|
values:
|
|
893
|
-
- nonce
|
|
893
|
+
- (?<!\\)nonce
|
|
894
894
|
filter_type: GeneralKeyword
|
|
895
895
|
use_ml: true
|
|
896
896
|
min_line_len: 13
|
credsweeper/utils/util.py
CHANGED
|
@@ -517,6 +517,18 @@ class Util:
|
|
|
517
517
|
return True
|
|
518
518
|
return False
|
|
519
519
|
|
|
520
|
+
@staticmethod
|
|
521
|
+
def is_tmx(data: Union[bytes, bytearray]) -> bool:
|
|
522
|
+
"""Used to detect tm7,tm6,etc. (ThreadModeling) format."""
|
|
523
|
+
if isinstance(data, (bytes, bytearray)):
|
|
524
|
+
for opening_tag, closing_tag in [(b"<ThreatModel", b"</ThreatModel>"),
|
|
525
|
+
(b"<KnowledgeBase", b"</KnowledgeBase>")]:
|
|
526
|
+
opening_pos = data.find(opening_tag, 0, MAX_LINE_LENGTH)
|
|
527
|
+
if 0 <= opening_pos < data.find(closing_tag, opening_pos):
|
|
528
|
+
# opening and closing tags were found - suppose it is an HTML
|
|
529
|
+
return True
|
|
530
|
+
return False
|
|
531
|
+
|
|
520
532
|
# A well-formed XML must start from < or a whitespace character
|
|
521
533
|
XML_FIRST_BRACKET_PATTERN = re.compile(rb"^\s*<")
|
|
522
534
|
XML_OPENING_TAG_PATTERN = re.compile(rb"<([0-9A-Za-z_]{1,256})")
|
|
@@ -583,14 +595,14 @@ class Util:
|
|
|
583
595
|
line_nums = []
|
|
584
596
|
tree = etree.fromstringlist(xml_lines)
|
|
585
597
|
for element in tree.iter():
|
|
586
|
-
tag = Util.
|
|
587
|
-
text = Util.
|
|
598
|
+
tag = Util.extract_element_data(element, "tag")
|
|
599
|
+
text = Util.extract_element_data(element, "text")
|
|
588
600
|
lines.append(f"{tag} : {text}")
|
|
589
601
|
line_nums.append(element.sourceline)
|
|
590
602
|
return lines, line_nums
|
|
591
603
|
|
|
592
604
|
@staticmethod
|
|
593
|
-
def
|
|
605
|
+
def extract_element_data(element: Any, attr: str) -> str:
|
|
594
606
|
"""Extract xml element data to string.
|
|
595
607
|
|
|
596
608
|
Try to extract the xml data and strip() the string.
|
|
@@ -605,7 +617,7 @@ class Util:
|
|
|
605
617
|
"""
|
|
606
618
|
element_attr: Any = getattr(element, attr)
|
|
607
619
|
if element_attr is None or not isinstance(element_attr, str):
|
|
608
|
-
return
|
|
620
|
+
return ''
|
|
609
621
|
return str(element_attr).strip()
|
|
610
622
|
|
|
611
623
|
@staticmethod
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
credsweeper/__init__.py,sha256=
|
|
1
|
+
credsweeper/__init__.py,sha256=31n6VGpjxTnUopRT_gkDzt_Udpt7Hesw1QtJUiK2C9U,632
|
|
2
2
|
credsweeper/__main__.py,sha256=jlI83ctJJfF0koMqP6u24JASC7MIPA2g1POx7aeuaQ8,17187
|
|
3
3
|
credsweeper/app.py,sha256=sexUp4Qced22AhvbcVlb5C-QtJRoDmUp5qhc_nwj248,21369
|
|
4
4
|
credsweeper/py.typed,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
|
|
@@ -6,7 +6,7 @@ credsweeper/common/__init__.py,sha256=mYiHEDV0hSeWcFx0Wb8oIRDCPR92ben0mCuC9-gCTg
|
|
|
6
6
|
credsweeper/common/constants.py,sha256=plBHrIVfj4CBpymIgLxTPiYr66_By3QKlgCoHYVKPLc,5534
|
|
7
7
|
credsweeper/common/keyword_checklist.py,sha256=6EKNdMMryZykedAOhEc-MF1byi5oXmAiljq61T_nco4,2258
|
|
8
8
|
credsweeper/common/keyword_checklist.txt,sha256=a8GW-wF6D83uVFYxMWEsUFlth6c1B_KDpF8_Xpj0mE8,7169
|
|
9
|
-
credsweeper/common/keyword_pattern.py,sha256=
|
|
9
|
+
credsweeper/common/keyword_pattern.py,sha256=d-Mk9VPNg68wazcofcAZxwYxUCIEredTYIn061knDmM,2928
|
|
10
10
|
credsweeper/common/morpheme_checklist.txt,sha256=Q-vc60F05Y-DiZP9rYahouPRf7kxEyy9gsXQTWE0pc4,8862
|
|
11
11
|
credsweeper/config/__init__.py,sha256=3_lLgF2P-EurNupTYmHvY11Ba8rdjhLJAAfTiMJW4mY,45
|
|
12
12
|
credsweeper/config/config.py,sha256=Rfc8YLa4bcG_AMequbfQ-HggS74jC4OqTtaWOoGxJdA,2630
|
|
@@ -21,7 +21,7 @@ credsweeper/deep_scanner/__init__.py,sha256=Lp94BjQPZTgEa77E0v6xZaXZvQf2A-QTHsjq
|
|
|
21
21
|
credsweeper/deep_scanner/abstract_scanner.py,sha256=RLwANH7C42GMdgq_uyMH895HCUwmZFfCOTmFTzO8ni0,1404
|
|
22
22
|
credsweeper/deep_scanner/byte_scanner.py,sha256=oHeA8mGe995SHqWvONhTDBIE5j50TQASHA9Mv6LHYuQ,1125
|
|
23
23
|
credsweeper/deep_scanner/bzip2_scanner.py,sha256=74RsjmeuffEuxmKl04lXIZt3q_Zvxj-gLHXACqVSU_o,1619
|
|
24
|
-
credsweeper/deep_scanner/deep_scanner.py,sha256=
|
|
24
|
+
credsweeper/deep_scanner/deep_scanner.py,sha256=l4fj7yuwCl6FWNB3UO4JmMAGEVrHSi-8OH8LIwsLTB4,17263
|
|
25
25
|
credsweeper/deep_scanner/docx_scanner.py,sha256=t0vocPDY54KBjpmQBo53n5KvOISXkB-LlxFbfuRNLMA,4128
|
|
26
26
|
credsweeper/deep_scanner/eml_scanner.py,sha256=iRLr2yvBWGktT2oXxl-haqnhJN3tglO1Mej10hFk0as,3512
|
|
27
27
|
credsweeper/deep_scanner/encoder_scanner.py,sha256=qszql2a-lVuzVN_bNS2EsJ-Zxpqql52o1sJsLnpjX7M,1279
|
|
@@ -34,6 +34,7 @@ credsweeper/deep_scanner/pdf_scanner.py,sha256=LMyIoVJPNFOFnAfcZ5Akr7PTWSUBNPT6G
|
|
|
34
34
|
credsweeper/deep_scanner/pkcs12_scanner.py,sha256=s6WyeLUHxqbMnM3t_eY6GUwn1Yyh_nyehprWM_HgomQ,2142
|
|
35
35
|
credsweeper/deep_scanner/pptx_scanner.py,sha256=aMX6GgnUEShonHjlqhaI5w970b-2yxmKsld5kY1XdeQ,1828
|
|
36
36
|
credsweeper/deep_scanner/tar_scanner.py,sha256=L3a9OUhQQweDNLVbe_LNLhldtVeU8DlS0Ux3ip_KN2w,2425
|
|
37
|
+
credsweeper/deep_scanner/tmx_scanner.py,sha256=6BsMysSSSJrxtssh4bf1e4vwpps7yXDDvByFkyLhC_o,1946
|
|
37
38
|
credsweeper/deep_scanner/xlsx_scanner.py,sha256=Ck8j14OWy9LTXK0GBASCdPq9VhZe5ceUv0uZShFFpo8,2706
|
|
38
39
|
credsweeper/deep_scanner/xml_scanner.py,sha256=Dc5vw8MhOQFppPSMMzJBANKTC1OIu_7UsuLAwPGYQ4c,1302
|
|
39
40
|
credsweeper/deep_scanner/zip_scanner.py,sha256=rWNV43OV8FTpXGMkAlRCwnnaJ-WdiIpreI9FUpx7wb0,2431
|
|
@@ -51,12 +52,12 @@ credsweeper/file_handler/patches_provider.py,sha256=BWIxWsEYwwWGPweA6BrKP3q412kz
|
|
|
51
52
|
credsweeper/file_handler/string_content_provider.py,sha256=OlLF-c40zGkCulPZwzHfTElF65Z7G3XKQfpCe5aBKLw,2477
|
|
52
53
|
credsweeper/file_handler/struct_content_provider.py,sha256=_RfQ_JEJprn5haOLlzAYwabCHT4Pdm8VXc3KhTwaQ40,1593
|
|
53
54
|
credsweeper/file_handler/text_content_provider.py,sha256=FHzwtlPsRHBJwHW0p9AumPe-iTv671K-N7A5QlSolDM,2999
|
|
54
|
-
credsweeper/filters/__init__.py,sha256=
|
|
55
|
+
credsweeper/filters/__init__.py,sha256=EwLbbc2pXwAhSSJx0QXBcujRkP4Py6Fnf3MNm6ZkngQ,3267
|
|
55
56
|
credsweeper/filters/filter.py,sha256=CqZbTsIDNVVwQyOjNekgNr_i1nPS4foutm0AvGAjM5M,826
|
|
56
57
|
credsweeper/filters/line_git_binary_check.py,sha256=G5N-woSLXC1mdiD80AhXbOpJCjGwtvFwFwMmRu87qlY,1595
|
|
57
58
|
credsweeper/filters/line_specific_key_check.py,sha256=rM66tPmUCXPaCUpNokIkJukOyxOL4FB8ig74ezYrbBs,1536
|
|
58
59
|
credsweeper/filters/line_uue_part_check.py,sha256=xmJr2Klz3H8yc-ymlGwPmIjRIoXxvBD9NvW0gW22i9o,1519
|
|
59
|
-
credsweeper/filters/value_allowlist_check.py,sha256=
|
|
60
|
+
credsweeper/filters/value_allowlist_check.py,sha256=WS1yokEUp-ikcZWr4WLOhKsRNCqgLHh8Qvm6pt4wJvg,2163
|
|
60
61
|
credsweeper/filters/value_array_dictionary_check.py,sha256=NaaojsUFjGlk4JzpskG3rdUCN2RXZs8MgX_yTrNHm9c,1251
|
|
61
62
|
credsweeper/filters/value_atlassian_token_check.py,sha256=rAuMC5JUxnXZwPxoKtrwFVKTWCNXf-gf9mv5h6IQC7M,2914
|
|
62
63
|
credsweeper/filters/value_azure_token_check.py,sha256=LGfLPoQxuVN8kReWKTvFpfLGa8oOhUCw95YHBJhF-uE,2022
|
|
@@ -75,7 +76,6 @@ credsweeper/filters/value_entropy_base32_check.py,sha256=XAIEcT8a6eJrDDDvBO6EsOb
|
|
|
75
76
|
credsweeper/filters/value_entropy_base36_check.py,sha256=4BdDP6P_3UQwzpITMJ2S8SWjlCzfKVuEmB7SXcJhx4s,1548
|
|
76
77
|
credsweeper/filters/value_entropy_base64_check.py,sha256=uIlm7F9xaIKLwmP1d2K092sQSgwe4t5Klm9J6qA_qjA,2184
|
|
77
78
|
credsweeper/filters/value_file_path_check.py,sha256=azBFnFfK-4KjogeJkCH5rV13TVPW_wGx5ow1vSlArYA,3544
|
|
78
|
-
credsweeper/filters/value_first_word_check.py,sha256=y4Lxh7hnEwDpP7S9mDsudJR5CjGrhxn0asMwnXmzUP0,1229
|
|
79
79
|
credsweeper/filters/value_github_check.py,sha256=nRYvTxvhFo2PCMwneg5K4I7gJ3tBNzOOYDEhun0pxwg,1441
|
|
80
80
|
credsweeper/filters/value_grafana_check.py,sha256=4wagCuVCSDoO5Kc0-U4Y7eUvBlYUAJffMXmTD79FcnU,1506
|
|
81
81
|
credsweeper/filters/value_grafana_service_check.py,sha256=fL8v4pXS-GopeE_WKNB6rlm9XFzdNapCxO5dH0Z14B4,1133
|
|
@@ -99,10 +99,10 @@ credsweeper/filters/value_token_check.py,sha256=50Yye9NwaznmU7qH2ZLc9oUkwiZ5XiOW
|
|
|
99
99
|
credsweeper/filters/group/__init__.py,sha256=_a_XEmFbEA4kumIF2bAN3oHl3R6uLTJj7G2EjZWAfr0,567
|
|
100
100
|
credsweeper/filters/group/general_keyword.py,sha256=mnd4cNG5GgnXx-i9wGRSbYvaUTVGQOC0Of9KGUg2d3g,411
|
|
101
101
|
credsweeper/filters/group/general_pattern.py,sha256=dGneD7HSnVm1qO807uKwzonUAvIJ6TPh3WJMq2CnyjE,290
|
|
102
|
-
credsweeper/filters/group/group.py,sha256=
|
|
102
|
+
credsweeper/filters/group/group.py,sha256=yCfb02PdqfOL1WbdaB26xUSgpeywvpFT6AXMc89_-zc,2242
|
|
103
103
|
credsweeper/filters/group/password_keyword.py,sha256=XrJWnqHUhvAXs5-kTU-Td9HKsVw0vp3DMprP0M4V4GI,685
|
|
104
104
|
credsweeper/filters/group/token_pattern.py,sha256=_UPyuAxaAPJu04oU8OTHmDcUQPSwq_y4qxmAAlr8CXU,604
|
|
105
|
-
credsweeper/filters/group/url_credentials_group.py,sha256=
|
|
105
|
+
credsweeper/filters/group/url_credentials_group.py,sha256=NH_piLoqXNBKtzzRr6xgXSuDPhLqKlCGNqT--WKTvQs,1434
|
|
106
106
|
credsweeper/filters/group/weird_base36_token.py,sha256=N20PZecEEqEyVdlIw1DhFplA7jCG0fMEw7nkaHIZDCE,661
|
|
107
107
|
credsweeper/filters/group/weird_base64_token.py,sha256=nMAmhwMzBZ-La1pJnZHVOavPak8_q1cqkzLxG-Y7dwo,850
|
|
108
108
|
credsweeper/logger/__init__.py,sha256=qoRn8hBnzjqDMSPAmavHbpsuyC0dmxuKqbO_v50EcDU,45
|
|
@@ -129,7 +129,7 @@ credsweeper/ml_model/features/word_in_transition.py,sha256=owpXQOWD4OzCXTWypYr3H
|
|
|
129
129
|
credsweeper/ml_model/features/word_in_value.py,sha256=35GCjCfvpWw4-MiMAZA9YcoaqwBommArSrJ4kEAi5TA,883
|
|
130
130
|
credsweeper/ml_model/features/word_in_variable.py,sha256=d02c1ieUxm1pSyOE-S-HijgliMRV9kMaI0zv-UxFAp4,823
|
|
131
131
|
credsweeper/rules/__init__.py,sha256=alXS8IivUs-AKKbVHiWvSjFpg1urJZLKItuFr61HHyg,40
|
|
132
|
-
credsweeper/rules/config.yaml,sha256=
|
|
132
|
+
credsweeper/rules/config.yaml,sha256=R8EOlqK2LLBqbZFo8-NpBttdoxySiGYYGAmsiMjKYFs,39942
|
|
133
133
|
credsweeper/rules/rule.py,sha256=rU6vJ4cVoeAZdUMWalRTMuAdRuYgFxeTltvSYUJRHOU,10224
|
|
134
134
|
credsweeper/scanner/__init__.py,sha256=KUh1uUEgZOd12DiXV-TQP3OvByI9tsyqN1KCdw994h8,48
|
|
135
135
|
credsweeper/scanner/scanner.py,sha256=7I2H2qTs5ONwLi7K5wFOqc4WZtpaQGi-MhjkThc0FpM,9846
|
|
@@ -144,9 +144,9 @@ credsweeper/utils/__init__.py,sha256=wPdTkrSBAkR3rppFZ68k6MiT_P7tIHuAb3AcwndJCWg
|
|
|
144
144
|
credsweeper/utils/entropy_validator.py,sha256=711xCIBGAy-Pb6wqbMpEToa4dOYj5_CmkbKHygLeQrI,2796
|
|
145
145
|
credsweeper/utils/hop_stat.py,sha256=0D7xB1CVAUhseOZWvLZXxn3MYHKZnfnFJ8hj7tONiyU,2978
|
|
146
146
|
credsweeper/utils/pem_key_detector.py,sha256=Z1LJYm4WAqppF2ooj81-lbhrg2woiNKiMk8Nt4DV-G8,7721
|
|
147
|
-
credsweeper/utils/util.py,sha256=
|
|
148
|
-
credsweeper-1.11.
|
|
149
|
-
credsweeper-1.11.
|
|
150
|
-
credsweeper-1.11.
|
|
151
|
-
credsweeper-1.11.
|
|
152
|
-
credsweeper-1.11.
|
|
147
|
+
credsweeper/utils/util.py,sha256=p8Chj7VWJrAP8q_jQhssfm1xoiIN_iCN1uMViq-1JrA,31102
|
|
148
|
+
credsweeper-1.11.2.dist-info/METADATA,sha256=2tH2XVbl8zhq-s8CqLDDFmybPL6p5IKaHTBGQWEX04w,10504
|
|
149
|
+
credsweeper-1.11.2.dist-info/WHEEL,sha256=qtCwoSJWgHk21S1Kb4ihdzI2rlJ1ZKaIurTj_ngOhyQ,87
|
|
150
|
+
credsweeper-1.11.2.dist-info/entry_points.txt,sha256=SLGNZshvi3zpWPhVmRP-oDXRMRPBS4tzRDy6xYOXwqA,58
|
|
151
|
+
credsweeper-1.11.2.dist-info/licenses/LICENSE,sha256=aU7mGjBKbmRHNLVXXzcPdKmTtBxRwDPtjflQRfN7fFg,1065
|
|
152
|
+
credsweeper-1.11.2.dist-info/RECORD,,
|
|
@@ -1,38 +0,0 @@
|
|
|
1
|
-
import re
|
|
2
|
-
|
|
3
|
-
from credsweeper.config import Config
|
|
4
|
-
from credsweeper.credentials import LineData
|
|
5
|
-
from credsweeper.file_handler.analysis_target import AnalysisTarget
|
|
6
|
-
from credsweeper.filters import Filter
|
|
7
|
-
from credsweeper.utils import Util
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
class ValueFirstWordCheck(Filter):
|
|
11
|
-
"""Check that secret doesn't starts with special character."""
|
|
12
|
-
|
|
13
|
-
NOT_ALLOWED = [
|
|
14
|
-
r"\=", r"\{", r"\)", r"\<", r"\>", r"\#", r"\:", r"\\\\", r"\\/\\/", r"\_", r"\/\*", r"\%[deflspuvxz]"
|
|
15
|
-
]
|
|
16
|
-
NOT_ALLOWED_PATTERN = re.compile( #
|
|
17
|
-
f"^{Util.get_regex_combine_or(NOT_ALLOWED)}", #
|
|
18
|
-
flags=re.IGNORECASE)
|
|
19
|
-
|
|
20
|
-
def __init__(self, config: Config = None) -> None:
|
|
21
|
-
pass
|
|
22
|
-
|
|
23
|
-
def run(self, line_data: LineData, target: AnalysisTarget) -> bool:
|
|
24
|
-
"""Run filter checks on received credential candidate data 'line_data'.
|
|
25
|
-
|
|
26
|
-
Args:
|
|
27
|
-
line_data: credential candidate data
|
|
28
|
-
target: multiline target from which line data was obtained
|
|
29
|
-
|
|
30
|
-
Return:
|
|
31
|
-
True, if need to filter candidate and False if left
|
|
32
|
-
|
|
33
|
-
"""
|
|
34
|
-
if line_data.is_well_quoted_value:
|
|
35
|
-
return False
|
|
36
|
-
if self.NOT_ALLOWED_PATTERN.match(line_data.value):
|
|
37
|
-
return True
|
|
38
|
-
return False
|
|
File without changes
|
|
File without changes
|
|
File without changes
|