Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[detector] Implemented Box Detector #3242

Merged
merged 9 commits into from
Oct 15, 2024
Merged

[detector] Implemented Box Detector #3242

merged 9 commits into from
Oct 15, 2024

Conversation

abmussani
Copy link
Contributor

@abmussani abmussani commented Aug 21, 2024
edited
Loading

Description:

This PR adds up a new detector for "Box" Service. Please note that, by default, Box tokens has expiry of 60 minutes. To run the test, token might be needed to regenerated and updated in vault.
This PR also includes Detector for Box Oauth service.

Documentation: https://developer.box.com/reference/get-authorize/

Checklist:

  • Tests passing (make test-community)?
  • Lint passing (make lint this requires golangci-lint)?

@abmussani abmussani requested a review from a team as a code owner August 21, 2024 11:12
0x1
0x1 reviewed Aug 23, 2024
View reviewed changes
pkg/detectors/box/box.go Outdated Show resolved Hide resolved
0x1
0x1 reviewed Aug 23, 2024
View reviewed changes
pkg/detectors/box/box.go Outdated Show resolved Hide resolved
@0x1
Copy link
Contributor

0x1 commented Aug 23, 2024

Box also has OAuth, thoughts on adding that also?

@abmussani
remove generic keyword for box detector
a4c61fc 
remove PII details of user.
@zricethezav
Copy link
Collaborator

@abmussani is this ready for another review?

@abmussani
Merge branch 'main' into box-detector
9c66a31 
* main: (127 commits)
  Update SaladCloud description (trufflesecurity#3399)
  fix tests (trufflesecurity#3400)
  [chore] Update custom detector default description (trufflesecurity#3398)
  add description to salad (trufflesecurity#3397)
  Add detector for SaladCloud API Keys (trufflesecurity#3273)
  fix(deps): update module github.com/xanzy/go-gitlab to v0.111.0 (trufflesecurity#3393)
  Add SliceContainsString common util (trufflesecurity#3395)
  fix: pr template link to golangci-lint (trufflesecurity#3392)
  fix(deps): update golang.org/x/exp digest to f66d83c (trufflesecurity#3389)
  Separate detector tests into unit/integration (trufflesecurity#3274)
  Manually upgrade github dep (trufflesecurity#3387)
  Updated Fastly Personal Token Detector (trufflesecurity#3386)
  fix(deps): update module google.golang.org/api to v0.200.0 (trufflesecurity#3391)
  [Fix] Snowflake privatelink Support (trufflesecurity#3286)
  Enhanced the easyinsight detector (trufflesecurity#3384)
  Log skipped files on debug level (trufflesecurity#3383)
  build: update retracted bluemonday ver (trufflesecurity#3369)
  Fix git binary handling and add a smoke test (trufflesecurity#3379)
  fix(deps): update module google.golang.org/protobuf to v1.35.1 (trufflesecurity#3382)
  Added Cisco Meraki API Key detector (trufflesecurity#3367)
  ...

# Conflicts:
#	pkg/engine/defaults.go
#	pkg/pb/detectorspb/detectors.pb.go
#	proto/detectors.proto
@abmussani
Added Box Oauth detector
1823618 
Implemented description for Box detectors.
Separated out test for Box detectors.
@abmussani
Copy link
Contributor Author

Box also has OAuth, thoughts on adding that also?

@0x1 This PR now includes, Detector for Box Token and Box Oauth mechanism.

@abmussani abmussani requested a review from 0x1 October 14, 2024 13:07
kashifkhan0771
kashifkhan0771 reviewed Oct 14, 2024
View reviewed changes
Copy link
Contributor

@kashifkhan0771 kashifkhan0771 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM overall. Very Clean Code 🫧

pkg/detectors/box/box.go Show resolved Hide resolved
ahrav
ahrav reviewed Oct 14, 2024
View reviewed changes
pkg/detectors/box/box.go Outdated Show resolved Hide resolved
@abmussani
Merge branch 'main' into box-detector
d9373b5 
* main:
  feat: propagate file info in log context (trufflesecurity#3405)
  fix(deps): update module github.com/xanzy/go-gitlab to v0.112.0 (trufflesecurity#3410)
  fix(deps): update module github.com/getsentry/sentry-go to v0.29.1 (trufflesecurity#3408)
  fix(deps): update module github.com/gabriel-vasile/mimetype to v1.4.6 (trufflesecurity#3407)
@abmussani
removed user information from ExtraData.
472e557
@zricethezav
Copy link
Collaborator

Great work @abmussani

@zricethezav zricethezav merged commit aa17b8e into trufflesecurity:main Oct 15, 2024
13 checks passed
@blsaccess blsaccess mentioned this pull request Oct 16, 2024
Merged
@bugbaba
Copy link

bugbaba commented Oct 16, 2024

Seeing to many false positives matches for this due to box being common word specially due to xbox

bugbaba
bugbaba reviewed Oct 16, 2024
View reviewed changes
pkg/detectors/boxoauth/boxoauth.go
s1 := detectors.Result{
DetectorType: detectorspb.DetectorType_BoxOauth,
Raw: []byte(resIdMatch),
RawV2: []byte(resIdMatch + resSecretMatch),
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@abmussani A separator between the two matches would make it more readable

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bugbaba bugbaba bugbaba left review comments

@kashifkhan0771 kashifkhan0771 kashifkhan0771 approved these changes

@ahrav ahrav ahrav approved these changes

@0x1 0x1 Awaiting requested review from 0x1

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@abmussani @0x1 @zricethezav @bugbaba @ahrav @kashifkhan0771