forked from mirrors/kingfisher
f9d75eaadd
- Improve MySQL detection by broadening URI coverage and adding live validation that skips clearly invalid connection strings.
40 lines
No EOL
1,010 B
YAML
40 lines
No EOL
1,010 B
YAML
rules:
|
|
- name: Postgres URL with hardcoded password
|
|
id: kingfisher.postgres.1
|
|
pattern: |
|
|
(?xi)
|
|
(?:
|
|
postgres
|
|
(?:ql)?
|
|
| postgis
|
|
)
|
|
:\/\/
|
|
(?:
|
|
[\w]+
|
|
)
|
|
:
|
|
(?:
|
|
[^\@]+
|
|
)
|
|
@
|
|
(?:
|
|
[^:\/]+
|
|
)
|
|
:
|
|
(?:
|
|
\d+
|
|
)
|
|
pattern_requirements:
|
|
ignore_if_contains:
|
|
- "*****"
|
|
- "xxxxx"
|
|
min_entropy: 3.3
|
|
confidence: medium
|
|
examples:
|
|
- CONNECTION_URI="postgres://postgres:s2Tf2k@rLMy@google.com:5434/elephant"
|
|
- Connection URI= postgresql://nimda:vg498hwegw1udp6s@db-postgresql-nyc1-64297-do-user-1243723-0.db.ondigitalocean.com:25060/defaultdb?sslmode=require
|
|
- CONNECTION_URI="postgres://postgres:s2Tf2k@rLMy@google.com:5434/elephant"
|
|
- CONNECTION_URI="postgis://postgres:s2Tf2k@rLMy@google.com:5434/elephant"
|
|
- CONNECTION_URI="postgis://postgres:s2Tf2k@rLMy@google.com:5434/elephant"
|
|
validation:
|
|
type: Postgres |