Skip to content

Commit 200ab5b

Browse files
PomidorryMariia Krasnorutska/Security Services /SRUKR/Engineer/삼성전자
Pomidorry
and
Mariia Krasnorutska/Security Services /SRUKR/Engineer/삼성전자
authored
Added salseforce items (#743)
* Added salseforce f_org_id items * Added salseforce t_org_id items and changed config * Added salseforce t_client_id and added 3MVG to config * Changed SF regex --------- Co-authored-by: Mariia Krasnorutska/Security Services /SRUKR/Engineer/삼성전자 <m.krasnoruts@partner.samsung.com>
1 parent 1c3d72d commit 200ab5b

File tree

8 files changed

+566
-17
lines changed

8 files changed

+566
-17
lines changed

credsweeper/rules/config.yaml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1453,14 +1453,15 @@
14531453
confidence: weak
14541454
type: pattern
14551455
values:
1456-
- (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>00D[0-9A-Za-z]{9,15}(![.0-9A-Za-z_-]{24,200})?)(?![0-9A-Za-z_-])
1456+
- (?:^|[^0-9A-Za-z_+-]|\\[0abfnrtv]|(?:%|\\x)[0-9A-Fa-f]{2}|\\[0-7]{3}|\\[Uu][0-9A-Fa-f]{4}|\x1B\[[0-9;]{0,80}m)(?P<value>(3MVG[0-9A-Za-z_.]{24,200}|00D[0-9A-Za-z]{9,15}(![0-9A-Za-z_.]{24,200})?))(?![0-9A-Za-z_.])
14571457
min_line_len: 12
14581458
filter_type:
14591459
- ValuePatternCheck(9)
14601460
- ValueNumberCheck
14611461
- ValueBase64PartCheck
14621462
required_substrings:
14631463
- 00D
1464+
- 3MVG
14641465
target:
14651466
- code
14661467
- doc

tests/__init__.py

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -7,16 +7,16 @@
77
NEGLIGIBLE_ML_THRESHOLD = 0.0001
88

99
# with option --doc & NEGLIGIBLE_ML_THRESHOLD
10-
SAMPLES_IN_DOC = 861
10+
SAMPLES_IN_DOC = 866
1111

1212
# credentials count after scan without filters and ML validations
13-
SAMPLES_REGEX_COUNT = 704
13+
SAMPLES_REGEX_COUNT = 710
1414

1515
# credentials count after scan with filters and without ML validation
16-
SAMPLES_FILTERED_COUNT = 514
16+
SAMPLES_FILTERED_COUNT = 519
1717

1818
# credentials count after default post-processing
19-
SAMPLES_POST_CRED_COUNT = 487
19+
SAMPLES_POST_CRED_COUNT = 492
2020

2121
# archived credentials that are not found without --depth
2222
SAMPLES_IN_DEEP_1 = SAMPLES_POST_CRED_COUNT + 128

tests/data/depth_3.json

Lines changed: 106 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10338,20 +10338,125 @@
1033810338
"ml_probability": null,
1033910339
"line_data_list": [
1034010340
{
10341-
"line": "t_token 00DUI000005AecQ!AR8Amtqc2drcmpoZ3dlanJoMzQ5ODc1OTg0Mzc5NzQ1OCsrKysKLS0tLQp.cm9jLVR5cGU6IDQsRU5DUllwwMzQ1NzY3MzQ1",
10341+
"line": "t_org_if 00DFT5H59PHLAN0IA 00DG9UE38D6ELk5l 00DyXD47kKDny11j 00Dh68fkeHGbDk92k",
10342+
"line_num": 2,
10343+
"path": "./tests/samples/salesfoce",
10344+
"info": "FILE:./tests/samples/salesfoce|RAW",
10345+
"variable": null,
10346+
"variable_start": -2,
10347+
"variable_end": -2,
10348+
"value": "00DFT5H59PHLAN0IA",
10349+
"value_start": 9,
10350+
"value_end": 26,
10351+
"entropy": 3.45482
10352+
}
10353+
]
10354+
},
10355+
{
10356+
"rule": "Salesforce Credentials",
10357+
"severity": "medium",
10358+
"confidence": "weak",
10359+
"ml_probability": null,
10360+
"line_data_list": [
10361+
{
10362+
"line": "t_org_if 00DFT5H59PHLAN0IA 00DG9UE38D6ELk5l 00DyXD47kKDny11j 00Dh68fkeHGbDk92k",
10363+
"line_num": 2,
10364+
"path": "./tests/samples/salesfoce",
10365+
"info": "FILE:./tests/samples/salesfoce|RAW",
10366+
"variable": null,
10367+
"variable_start": -2,
10368+
"variable_end": -2,
10369+
"value": "00DG9UE38D6ELk5l",
10370+
"value_start": 27,
10371+
"value_end": 43,
10372+
"entropy": 3.625
10373+
}
10374+
]
10375+
},
10376+
{
10377+
"rule": "Salesforce Credentials",
10378+
"severity": "medium",
10379+
"confidence": "weak",
10380+
"ml_probability": null,
10381+
"line_data_list": [
10382+
{
10383+
"line": "t_org_if 00DFT5H59PHLAN0IA 00DG9UE38D6ELk5l 00DyXD47kKDny11j 00Dh68fkeHGbDk92k",
1034210384
"line_num": 2,
1034310385
"path": "./tests/samples/salesfoce",
1034410386
"info": "FILE:./tests/samples/salesfoce|RAW",
1034510387
"variable": null,
1034610388
"variable_start": -2,
1034710389
"variable_end": -2,
10390+
"value": "00Dh68fkeHGbDk92k",
10391+
"value_start": 61,
10392+
"value_end": 78,
10393+
"entropy": 3.57247
10394+
}
10395+
]
10396+
},
10397+
{
10398+
"rule": "Salesforce Credentials",
10399+
"severity": "medium",
10400+
"confidence": "weak",
10401+
"ml_probability": null,
10402+
"line_data_list": [
10403+
{
10404+
"line": "t_org_if 00DFT5H59PHLAN0IA 00DG9UE38D6ELk5l 00DyXD47kKDny11j 00Dh68fkeHGbDk92k",
10405+
"line_num": 2,
10406+
"path": "./tests/samples/salesfoce",
10407+
"info": "FILE:./tests/samples/salesfoce|RAW",
10408+
"variable": null,
10409+
"variable_start": -2,
10410+
"variable_end": -2,
10411+
"value": "00DyXD47kKDny11j",
10412+
"value_start": 44,
10413+
"value_end": 60,
10414+
"entropy": 3.32782
10415+
}
10416+
]
10417+
},
10418+
{
10419+
"rule": "Salesforce Credentials",
10420+
"severity": "medium",
10421+
"confidence": "weak",
10422+
"ml_probability": null,
10423+
"line_data_list": [
10424+
{
10425+
"line": "t_token 00DUI000005AecQ!AR8Amtqc2drcmpoZ3dlanJoMzQ5ODc1OTg0Mzc5NzQ1OCsrKysKLS0tLQp.cm9jLVR5cGU6IDQsRU5DUllwwMzQ1NzY3MzQ1",
10426+
"line_num": 3,
10427+
"path": "./tests/samples/salesfoce",
10428+
"info": "FILE:./tests/samples/salesfoce|RAW",
10429+
"variable": null,
10430+
"variable_start": -2,
10431+
"variable_end": -2,
1034810432
"value": "00DUI000005AecQ!AR8Amtqc2drcmpoZ3dlanJoMzQ5ODc1OTg0Mzc5NzQ1OCsrKysKLS0tLQp.cm9jLVR5cGU6IDQsRU5DUllwwMzQ1NzY3MzQ1",
1034910433
"value_start": 8,
1035010434
"value_end": 120,
1035110435
"entropy": 5.19811
1035210436
}
1035310437
]
1035410438
},
10439+
{
10440+
"rule": "Salesforce Credentials",
10441+
"severity": "medium",
10442+
"confidence": "weak",
10443+
"ml_probability": null,
10444+
"line_data_list": [
10445+
{
10446+
"line": "t_client_id: 3MVGb3j9DpwrLFc90tWIy.nh7B89YzeymdX9VETUUokMus8xztUgf_5PksXuZmgYoNmvYcsk_qPpk1Y.zttO1",
10447+
"line_num": 4,
10448+
"path": "./tests/samples/salesfoce",
10449+
"info": "FILE:./tests/samples/salesfoce|RAW",
10450+
"variable": null,
10451+
"variable_start": -2,
10452+
"variable_end": -2,
10453+
"value": "3MVGb3j9DpwrLFc90tWIy.nh7B89YzeymdX9VETUUokMus8xztUgf_5PksXuZmgYoNmvYcsk_qPpk1Y.zttO1",
10454+
"value_start": 13,
10455+
"value_end": 98,
10456+
"entropy": 5.45622
10457+
}
10458+
]
10459+
},
1035510460
{
1035610461
"rule": "Salt",
1035710462
"severity": "low",

tests/data/doc.json

Lines changed: 106 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16660,20 +16660,125 @@
1666016660
"ml_probability": null,
1666116661
"line_data_list": [
1666216662
{
16663-
"line": "t_token 00DUI000005AecQ!AR8Amtqc2drcmpoZ3dlanJoMzQ5ODc1OTg0Mzc5NzQ1OCsrKysKLS0tLQp.cm9jLVR5cGU6IDQsRU5DUllwwMzQ1NzY3MzQ1",
16663+
"line": "t_org_if 00DFT5H59PHLAN0IA 00DG9UE38D6ELk5l 00DyXD47kKDny11j 00Dh68fkeHGbDk92k",
16664+
"line_num": 2,
16665+
"path": "./tests/samples/salesfoce",
16666+
"info": "FILE:./tests/samples/salesfoce|RAW",
16667+
"variable": null,
16668+
"variable_start": -2,
16669+
"variable_end": -2,
16670+
"value": "00DFT5H59PHLAN0IA",
16671+
"value_start": 9,
16672+
"value_end": 26,
16673+
"entropy": 3.45482
16674+
}
16675+
]
16676+
},
16677+
{
16678+
"rule": "Salesforce Credentials",
16679+
"severity": "medium",
16680+
"confidence": "weak",
16681+
"ml_probability": null,
16682+
"line_data_list": [
16683+
{
16684+
"line": "t_org_if 00DFT5H59PHLAN0IA 00DG9UE38D6ELk5l 00DyXD47kKDny11j 00Dh68fkeHGbDk92k",
16685+
"line_num": 2,
16686+
"path": "./tests/samples/salesfoce",
16687+
"info": "FILE:./tests/samples/salesfoce|RAW",
16688+
"variable": null,
16689+
"variable_start": -2,
16690+
"variable_end": -2,
16691+
"value": "00DG9UE38D6ELk5l",
16692+
"value_start": 27,
16693+
"value_end": 43,
16694+
"entropy": 3.625
16695+
}
16696+
]
16697+
},
16698+
{
16699+
"rule": "Salesforce Credentials",
16700+
"severity": "medium",
16701+
"confidence": "weak",
16702+
"ml_probability": null,
16703+
"line_data_list": [
16704+
{
16705+
"line": "t_org_if 00DFT5H59PHLAN0IA 00DG9UE38D6ELk5l 00DyXD47kKDny11j 00Dh68fkeHGbDk92k",
16706+
"line_num": 2,
16707+
"path": "./tests/samples/salesfoce",
16708+
"info": "FILE:./tests/samples/salesfoce|RAW",
16709+
"variable": null,
16710+
"variable_start": -2,
16711+
"variable_end": -2,
16712+
"value": "00Dh68fkeHGbDk92k",
16713+
"value_start": 61,
16714+
"value_end": 78,
16715+
"entropy": 3.57247
16716+
}
16717+
]
16718+
},
16719+
{
16720+
"rule": "Salesforce Credentials",
16721+
"severity": "medium",
16722+
"confidence": "weak",
16723+
"ml_probability": null,
16724+
"line_data_list": [
16725+
{
16726+
"line": "t_org_if 00DFT5H59PHLAN0IA 00DG9UE38D6ELk5l 00DyXD47kKDny11j 00Dh68fkeHGbDk92k",
1666416727
"line_num": 2,
1666516728
"path": "./tests/samples/salesfoce",
1666616729
"info": "FILE:./tests/samples/salesfoce|RAW",
1666716730
"variable": null,
1666816731
"variable_start": -2,
1666916732
"variable_end": -2,
16733+
"value": "00DyXD47kKDny11j",
16734+
"value_start": 44,
16735+
"value_end": 60,
16736+
"entropy": 3.32782
16737+
}
16738+
]
16739+
},
16740+
{
16741+
"rule": "Salesforce Credentials",
16742+
"severity": "medium",
16743+
"confidence": "weak",
16744+
"ml_probability": null,
16745+
"line_data_list": [
16746+
{
16747+
"line": "t_token 00DUI000005AecQ!AR8Amtqc2drcmpoZ3dlanJoMzQ5ODc1OTg0Mzc5NzQ1OCsrKysKLS0tLQp.cm9jLVR5cGU6IDQsRU5DUllwwMzQ1NzY3MzQ1",
16748+
"line_num": 3,
16749+
"path": "./tests/samples/salesfoce",
16750+
"info": "FILE:./tests/samples/salesfoce|RAW",
16751+
"variable": null,
16752+
"variable_start": -2,
16753+
"variable_end": -2,
1667016754
"value": "00DUI000005AecQ!AR8Amtqc2drcmpoZ3dlanJoMzQ5ODc1OTg0Mzc5NzQ1OCsrKysKLS0tLQp.cm9jLVR5cGU6IDQsRU5DUllwwMzQ1NzY3MzQ1",
1667116755
"value_start": 8,
1667216756
"value_end": 120,
1667316757
"entropy": 5.19811
1667416758
}
1667516759
]
1667616760
},
16761+
{
16762+
"rule": "Salesforce Credentials",
16763+
"severity": "medium",
16764+
"confidence": "weak",
16765+
"ml_probability": null,
16766+
"line_data_list": [
16767+
{
16768+
"line": "t_client_id: 3MVGb3j9DpwrLFc90tWIy.nh7B89YzeymdX9VETUUokMus8xztUgf_5PksXuZmgYoNmvYcsk_qPpk1Y.zttO1",
16769+
"line_num": 4,
16770+
"path": "./tests/samples/salesfoce",
16771+
"info": "FILE:./tests/samples/salesfoce|RAW",
16772+
"variable": null,
16773+
"variable_start": -2,
16774+
"variable_end": -2,
16775+
"value": "3MVGb3j9DpwrLFc90tWIy.nh7B89YzeymdX9VETUUokMus8xztUgf_5PksXuZmgYoNmvYcsk_qPpk1Y.zttO1",
16776+
"value_start": 13,
16777+
"value_end": 98,
16778+
"entropy": 5.45622
16779+
}
16780+
]
16781+
},
1667716782
{
1667816783
"rule": "UUID",
1667916784
"severity": "info",

0 commit comments

Comments
 (0)