Merge pull request #66 from Onboardbase/post-sdk-updates

feat: 3.0.17

Author: dantelex

package.json

@@ -1,6 +1,6 @@
 {
   "name": "securelog-scan",
-  "version": "3.0.16",
+  "version": "3.0.17",
   "description": "A CLI tool to scan codebases for potential secrets.",
   "main": "dist/index.js",
   "author": {

src/detectors/detectors.ts

@@ -26,6 +26,7 @@ import { DiscordWebhookDetector } from "./discordwebhook";
 import { DisqusDetector } from "./disqus";
 import { DocusignDetector } from "./docusign";
 import { DropboxDetector } from "./dropbox";
+import { FacebookOAuthDetector } from "./facebookoauth";
 import { FlickrDetector } from "./flickr";
 import { FlutterwaveDetector } from "./flutterwave";
 import { FormBucketDetector } from "./formbucket";
@@ -55,10 +56,13 @@ import { PostgreSQLDetector } from "./postgres";
 import { PostmanDetector } from "./postman";
 import { RedisDetector } from "./redis";
 import { SendgridDetector } from "./sendgrid";
+import { SentryDetector } from "./sentry";
+import { ShopifyDetector } from "./shopify";
 import { SlackDetector } from "./slack";
 import { SlackWebhooksDetector } from "./slackwebhook";
 import { StripeDetector } from "./stripe";
 import { TelegramBotTokenDetector } from "./telegrambottoken";
+import { VercelDetector } from "./vercel";
 
 export const detectors: Detector[] = [
   AgoraDetector,
@@ -121,4 +125,8 @@ export const detectors: Detector[] = [
   DatadogTokenDetector,
   TelegramBotTokenDetector,
   CreditCardDetector,
+  VercelDetector,
+  FacebookOAuthDetector,
+  ShopifyDetector,
+  SentryDetector,
 ];

src/detectors/facebookoauth/index.ts

@@ -0,0 +1,55 @@
+import Re2 from "re2";
+import { surroundWithGroups } from "../../regexHandler";
+import { Detector, ScanResult } from "../../types/detector";
+import { httpClient } from "../../util";
+
+const keywords: string[] = ["facebook", "meta"];
+const regexGroup: string = surroundWithGroups(keywords);
+const secretPattern: Re2 = new Re2(
+  `${regexGroup}\\b([A-Za-z0-9]{32})\\b`,
+  "gi"
+);
+const idPattern: Re2 = new Re2(`${regexGroup}\\b([0-9]{15,18})\\b`, "gi");
+
+const scan = async (
+  verify: boolean | undefined,
+  data: string
+): Promise<ScanResult | null> => {
+  const secretPatternMatches = data.matchAll(secretPattern);
+  const idPatternMatches = data.matchAll(idPattern);
+  let result: ScanResult = { detectorType: "Facebook OAuth", verified: false };
+
+  for (const match of idPatternMatches) {
+    if (match.length !== 2) continue;
+    const idMatch = match[1].trim();
+
+    result.rawValue = idMatch;
+    result.position = match.index;
+
+    for (const secretMatch of secretPatternMatches) {
+      if (secretMatch.length !== 2) continue;
+
+      const secretMatchValue = secretMatch[1].trim();
+      if (verify) {
+        try {
+          await httpClient.get(
+            `https://graph.facebook.com/me?access_token=${idMatch}|${secretMatchValue}`
+          );
+
+          result.verified = true;
+        } catch (error) {}
+      }
+      return result;
+    }
+  }
+
+  return null;
+};
+
+const detectorType = "FACEBOOK_OAUTH_DETECTOR";
+
+export const FacebookOAuthDetector: Detector = {
+  scan,
+  keywords,
+  detectorType,
+};

src/detectors/sentry/index.ts

@@ -0,0 +1,51 @@
+import Re2 from "re2";
+import { Detector, ScanResult } from "../../types/detector";
+import { surroundWithGroups } from "../../regexHandler";
+import { httpClient } from "../../util";
+
+const keywords: string[] = ["sentry"];
+const keyPattern: Re2 = new Re2(
+  `${surroundWithGroups(keywords)}\\b([a-f0-9]{64})\\b`,
+  "gi"
+);
+
+const scan = async (
+  verify: boolean | undefined,
+  data: string
+): Promise<ScanResult | null> => {
+  const keyPatternMatches = data.matchAll(keyPattern);
+
+  const result: ScanResult = { detectorType: "Sentry", verified: false };
+
+  for (const match of keyPatternMatches) {
+    if (match.length !== 2) continue;
+
+    const resMatch: string = match[1].trim();
+    result.rawValue = resMatch;
+    result.position = match.index;
+
+    if (verify) {
+      try {
+        await httpClient.get("https://api.vercel.com/www/user", {
+          headers: {
+            Authorization: `Bearer ${resMatch}`,
+          },
+        });
+
+        result.verified = true;
+      } catch (error) {}
+    }
+
+    return result;
+  }
+
+  return null;
+};
+
+const detectorType = "SENTRY_DETECTOR";
+
+export const SentryDetector: Detector = {
+  scan,
+  keywords,
+  detectorType,
+};

src/detectors/shopify/index.ts

@@ -0,0 +1,53 @@
+import Re2 from "re2";
+import { Detector, ScanResult } from "../../types/detector";
+import { httpClient } from "../../util";
+
+const keywords: string[] = ["shppa_", "shpat_"];
+const keyPattern: Re2 = new Re2("\\b(shppa_|shpat_)([0-9A-Fa-f]{32})\\b", "gi");
+const domainPattern = new Re2(/^[a-zA-Z0-9-]+\.myshopify\.com$/, "gi");
+
+const scan = async (
+  verify: boolean | undefined,
+  data: string
+): Promise<ScanResult | null> => {
+  const keyPatternMatches = data.matchAll(keyPattern);
+  const domainPatternMatches = data.matchAll(domainPattern);
+  let result: ScanResult = { detectorType: "Shopify", verified: false };
+
+  for (const match of keyPatternMatches) {
+    const shopifyKey = match?.[0]?.trim();
+
+    result.rawValue = shopifyKey;
+    result.position = match.index;
+
+    for (const domainMatch of domainPatternMatches) {
+      const domainMatchValue = domainMatch?.[0]?.trim();
+
+      if (verify) {
+        try {
+          await httpClient.get(
+            `https://${domainMatchValue}/admin/oauth/access_scopes.json`,
+            {
+              headers: {
+                "X-Shopify-Access-Token": shopifyKey,
+              },
+            }
+          );
+
+          result.verified = true;
+        } catch (error) {}
+      }
+      return result;
+    }
+  }
+
+  return null;
+};
+
+const detectorType = "SHOPIFY_DETECTOR";
+
+export const ShopifyDetector: Detector = {
+  scan,
+  keywords,
+  detectorType,
+};

src/detectors/vercel/index.ts

@@ -0,0 +1,51 @@
+import Re2 from "re2";
+import { Detector, ScanResult } from "../../types/detector";
+import { surroundWithGroups } from "../../regexHandler";
+import { httpClient } from "../../util";
+
+const keywords: string[] = ["vercel"];
+const keyPattern: Re2 = new Re2(
+  `${surroundWithGroups(keywords)}\\b([a-zA-Z0-9]{24})\\b`,
+  "gi"
+);
+
+const scan = async (
+  verify: boolean | undefined,
+  data: string
+): Promise<ScanResult | null> => {
+  const keyPatternMatches = data.matchAll(keyPattern);
+
+  const result: ScanResult = { detectorType: "Vercel", verified: false };
+
+  for (const match of keyPatternMatches) {
+    if (match.length !== 2) continue;
+
+    const resMatch: string = match[1].trim();
+    result.rawValue = resMatch;
+    result.position = match.index;
+
+    if (verify) {
+      try {
+        await httpClient.get("https://api.vercel.com/www/user", {
+          headers: {
+            Authorization: `Bearer ${resMatch}`,
+          },
+        });
+
+        result.verified = true;
+      } catch (error) {}
+    }
+
+    return result;
+  }
+
+  return null;
+};
+
+const detectorType = "VERCEL_DETECTOR";
+
+export const VercelDetector: Detector = {
+  scan,
+  keywords,
+  detectorType,
+};