extend FB access token discovery (#1407)

* extend FB access token discovery * validate config * set upper 40 * set upper 40
gitleaks · May 31, 2024 · 39947b0 · 39947b0
1 parent 79cac73
commit 39947b0
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/cmd/generate/config/rules/facebook.go b/cmd/generate/config/rules/facebook.go
@@ -32,7 +32,7 @@ func FacebookAccessToken() *config.Rule {
 	r := config.Rule{
 		Description: "Discovered a Facebook Access Token, posing a risk of unauthorized access to Facebook accounts and personal data exposure.",
 		RuleID:      "facebook-access-token",
-		Regex:       generateUniqueTokenRegex(`\d{15,16}\|[0-9a-z\-_]{27}`, true),
+		Regex:       generateUniqueTokenRegex(`\d{15,16}(\||%)[0-9a-z\-_]{27,40}`, true),
 	}
 
 	// validate

diff --git a/config/gitleaks.toml b/config/gitleaks.toml
@@ -396,7 +396,7 @@ keywords = [
 [[rules]]
 id = "facebook-access-token"
 description = "Discovered a Facebook Access Token, posing a risk of unauthorized access to Facebook accounts and personal data exposure."
-regex = '''(?i)\b(\d{15,16}\|[0-9a-z\-_]{27})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
+regex = '''(?i)\b(\d{15,16}(\||%)[0-9a-z\-_]{27,40})(?:['|\"|\n|\r|\s|\x60|;]|$)'''
 
 [[rules]]
 id = "facebook-page-access-token"