### Description:
I fixed a few issues (gitleaks#1049, gitleaks#1324, gitleaks#1337) and added a rule for AWS Secret Key.
I renamed the `AWS()` function name to `AWSAccessKey()`, and changed the
`RuleID` too, which may lead to breaking changes ⚠️.
### Checklist:
* [x] Does your PR pass tests?
* [x] Have you written new tests for your changes?
* [x] Have you linted your code locally prior to submission?
Original: gitleaks#1356
Is your feature request related to a problem? Please describe.
The AWS access token rule matches some strings that cannot be a valid AWS token and should be modified.
Describe the solution you'd like
It was recently discovered that the 16 characters of the token after the 4 character prefix are base32 encoded and include among other things the AWS account number.
https://trufflesecurity.com/blog/research-uncovers-aws-account-numbers-hidden-in-access-keys/
The characters used in base32 encoding are letters A-Z and digits 2-7. The regular expression should be modified to only match on these characters, since any that contain 0, 8, or 9 are not valid.
Describe alternatives you've considered
Not applicable, I think.
Additional context
None.
cc @zricethezav
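
An added example (not part of the original issue and not gitleaks' own rule) comparing a loose `[A-Z0-9]` pattern with the base32-only `[A-Z2-7]` pattern the issue proposes, plus a decode check on the 16-character body. The `AKIA`/`ASIA` prefix list, the function names, and the sample strings are assumptions made for illustration.

```go
package main

import (
	"encoding/base32"
	"fmt"
	"regexp"
)

// Assumption: only the AKIA and ASIA prefixes are covered here; the issue just
// says "4 character prefix". Base32 uses A-Z and 2-7, so 0, 1, 8, 9 never occur.
var (
	looseRule  = regexp.MustCompile(`\b(?:AKIA|ASIA)[A-Z0-9]{16}\b`)
	strictRule = regexp.MustCompile(`\b(?:AKIA|ASIA)[A-Z2-7]{16}\b`)
)

// Constructed sample input; the first value is the placeholder key from AWS docs.
const sample = `aws_access_key_id = AKIAIOSFODNN7EXAMPLE
build_tag = AKIA0123456789ABCDEF
session_key = ASIAQRSTUVWXYZ234567
ticket = AKIAIOSFODNN8EXAMPLE
`

// validBody reports whether the 16 characters after the prefix decode as base32.
func validBody(key string) bool {
	if len(key) != 20 {
		return false
	}
	_, err := base32.StdEncoding.DecodeString(key[4:])
	return err == nil
}

// falsePositives returns loose-rule matches whose body cannot be base32.
func falsePositives(text string) []string {
	var out []string
	for _, m := range looseRule.FindAllString(text, -1) {
		if !validBody(m) {
			out = append(out, m)
		}
	}
	return out
}

func main() {
	fmt.Println("loose: ", looseRule.FindAllString(sample, -1))
	fmt.Println("strict:", strictRule.FindAllString(sample, -1))
	fmt.Println("loose-only (not base32):", falsePositives(sample))
}
```
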