From 858625b821386f5665bc04b0db81815930c32ae4 Mon Sep 17 00:00:00 2001 From: Scott Cutler Date: Thu, 22 Aug 2024 08:45:49 -0700 Subject: [PATCH] adding a change to duroc hog output --- crates/rusty-hog-scanner/src/default_rules.json | 2 +- src/bin/duroc_hog.rs | 9 ++++----- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/crates/rusty-hog-scanner/src/default_rules.json b/crates/rusty-hog-scanner/src/default_rules.json index a890c16..2af2f1b 100644 --- a/crates/rusty-hog-scanner/src/default_rules.json +++ b/crates/rusty-hog-scanner/src/default_rules.json @@ -1,5 +1,5 @@ { - "Slack Token": "(xox[p|b|o|a]-[0-9]{12}-[0-9]{12}-[0-9]{12}-[a-z0-9]{32})", + "Slack Token": "(xox[p|b|o|a]-[0-9]{10,13}-[0-9]{10,13}[a-zA-Z0-9\\-]*)", "RSA private key": "-----BEGIN RSA PRIVATE KEY-----", "SSH (DSA) private key": "-----BEGIN DSA PRIVATE KEY-----", "SSH (EC) private key": "-----BEGIN EC PRIVATE KEY-----", diff --git a/src/bin/duroc_hog.rs b/src/bin/duroc_hog.rs index 7642208..4639b72 100644 --- a/src/bin/duroc_hog.rs +++ b/src/bin/duroc_hog.rs @@ -58,7 +58,7 @@ pub struct FileFinding { pub path: String, pub reason: String, pub linenum: usize, - pub diff: String, + pub lineindextuples: Vec<(usize, usize)> } const ZIPEXTENSIONS: &[&str] = &["zip"]; @@ -379,22 +379,21 @@ fn scan_bytes(input: Vec, ss: &SecretScanner, path: String) -> HashSet = Vec::new(); + let mut lineindextuples: Vec<(usize, usize)> = Vec::new(); for m in matches { let result = ASCII .decode(&new_line[m.start()..m.end()], DecoderTrap::Ignore) .unwrap_or_else(|_| "".parse().unwrap()); strings_found.push(result); + lineindextuples.push((m.start(),m.end())); } if !strings_found.is_empty() { - let new_line_string = ASCII - .decode(&new_line, DecoderTrap::Ignore) - .unwrap_or_else(|_| "".parse().unwrap()); findings.insert(FileFinding { - diff: new_line_string, strings_found, reason: r.clone(), path: path.clone(), linenum: index + 1, + lineindextuples }); } }