-
Notifications
You must be signed in to change notification settings - Fork 130
/
Copy pathcommon.rulepack
73 lines (73 loc) · 4.06 KB
/
common.rulepack
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
{
"plugin_type": "common",
"file_types": [
".java",
".php",
".py",
".js",
".rb",
".pl",
".sh",
".ini",
".cls",
".yaml"
],
"rules": [
{
"id": "HARD_CRED1",
"severity": "High",
"title": "Possibly hard coded credential",
"description": "It seems you have possibly hard-coded some sort secret/credential in the source code, for accessing a local/remote resource. This is not a good practice because in event of a source-code disclosure/access to unauthorized people may leak additional information which otherwise should not be possible.",
"remediation": "Please use a secure credential store which has the least possible access privileges for unauthorized users.",
"link": "http://cwe.mitre.org/data/definitions/259.html",
"example_insecure": "var oauth_token = '5af0nhg48672a",
"example_secure": "var oauth_token = env.getkey('oauth_token'); doSomeWork(); flush(oauth_token);",
"platform_version": "all",
"enabled": "true",
"logic": "Find patterns of hardcoded credentials.",
"signature": "KHNhbHR8Y2FwdGNoYXxjc3JmfGNvbnN1bWVyfGFwcGxpY2F0aW9ufGFwcHxzZXJ2aWNlfHNzaHxjbGllbnR8YXV0aHxsb2dpbnx1c2VyfGFwaXxkYnxvYXV0aHxzZXJ2ZXJ8c3NvfGNyeXB0KG8pP3woZW58ZGUpY3J5cHQoaW9uKT8pPyhffFwuKT8odG9rZW58c2VjcmV0fGtleXxjcmVkKVxzPyg9fDopXHM/"
},
{
"id": "HARD_CRED2",
"severity": "Medium",
"title": "Possibly hard coded credential",
"description": "It seems you have possibly hard-coded some sort secret/credential in the source code, for accessing a local/remote resource. This is not a good practice because in event of a source-code disclosure/access to unauthorized people may leak additional information which otherwise should not be possible.",
"remediation": "Please use a secure credential store which has the least possible access privileges for unauthorized users.",
"link": "http://cwe.mitre.org/data/definitions/259.html",
"example_insecure": "var oauth_token = '5af0nhg48672a",
"example_secure": "var oauth_token = env.getkey('oauth_token'); doSomeWork(); flush(oauth_token);",
"platform_version": "all",
"enabled": "true",
"logic": "Find patterns of hardcoded credentials.",
"signature": "KF98XC4pPyh0b2tlbnxzZWNyZXR8a2V5fGNyZWQpKF98XC4pPy4qPShcc3xcdCkqKFwnfFwifFxbKQ=="
},
{
"id": "PrivateIP",
"severity": "Low",
"title": "Hard coded private IP v4/v6 address",
"description": "It seems that a Private IP address has been hardcoded in the source-code. A private IP is an IP within the range of 192.168.0.0 - 192.168.255.255 or 172.16.0.0 - 172.31.255.255 or 10.0.0.0 - 10.255.255.255 and their IPv6 equivalents",
"remediation": "Please verify that this source code is not deployed on production as it may increase the impact of a server compromise.",
"link": "http://cwe.mitre.org/data/definitions/259.html",
"example_insecure": "http://192.168.10.3",
"example_secure": "Production IP range",
"platform_version": "all",
"enabled": "true",
"logic": "Find patterns of 192.168.0.0 - 192.168.255.255 or 172.16.0.0 - 172.31.255.255 or 10.0.0.0 - 10.255.255.255 and their IPv6 equivalents",
"signature": "KF4xMjdcLil8KF4xOTJcLjE2OFwuKXwoXjEwXC4pfCheMTcyXC4xWzYtOV1cLil8KF4xNzJcLjJbMC05XVwuKXwoXjE3MlwuM1swLTFdXC4pfCheOjoxJCl8KF5bZkZdW2NDZERdKQ=="
},
{
"id": "E-Mail",
"severity": "Low",
"title": "Hard coded email-id",
"description": "It seems that an email-id hardcoded in the source-code.",
"remediation": "Please ensure that this email-id is headless and doesn't have privacy concerns. Also ensure that the email server doesn't support mail relaying. ",
"link": "http://cwe.mitre.org/data/definitions/259.html",
"example_insecure": "[email protected]",
"example_secure": "N/A",
"platform_version": "all",
"enabled": "true",
"logic": "Find patterns of email-ids",
"signature": "KChbYS16QS1aXXxbMC05XSl8KFstXXxbX118Wy5dKSkrW0BdKChbYS16QS1aMC05XSl8KFstXSkpezIsNjN9Wy5dKChbYS16QS1aMC05XSl7Miw2M30pKyQ="
}
]
}