Skip to main content

Generic database assignment (attached port)

Description#

General#

This detector is equivalent to the Generic database assignment detector except that it aims at catching only cases where the port is attached to the host.

Revoke the secret#

This detector catches generic database credentials, hence GitGuardian cannot infer the type of database concerned. To properly revoke the secret :

  1. Understand what type of database is concerned.
  2. Refer to the corresponding database documentation to know how to revoke and rotate the credentials.

Examples#

- text: |    DB CONTEXT    host=my.mongo.com:27017    username=root    password=m42ploz2wd  host: my.mongo.com  port: "27017"  username: root  password: m42ploz2wd
- text: |    dbhost=my.mongo.com:27017    dbuser=root    dbpwd=m42ploz2wd  host: my.mongo.com  port: "27017"  username: root  password: m42ploz2wd

Details for Generic database assignment attached port#

  • High Recall: False

  • Validity Check: False

  • Minimum Number of Matches: 4

  • Occurrences found for one million commits: 14

  • Prefixed: False

  • PreValidators:

- type: FilenameBanlistPreValidator  banlist_extensions:    - html    - css    - md    - lock    - storyboard    - xib  banlist_filenames:    - node_modules(/|\\)    - vendors?(/|\\)    - top-1000\.txt$    - \.sops$    - \.sops\.yaml$  check_binaries: false- type: ContentWhitelistPreValidator  patterns:    - db    - database- type: ContentWhitelistPreValidator  patterns:    - pwd    - pass- type: ContentWhitelistPreValidator  patterns:    - host- type: ContentWhitelistPreValidator  patterns:    - user
  • PostValidators
host:  - type: CommonValueBanlistPostValidator  - type: CommonHostBanlistPostValidator  - type: ValueBanlistPostValidator    patterns:      - 'smtp\.'      - localhost      - 'this\.'      - 'example\.com$'      - 'mail\.'      - 'self\.'      - '\.java'      - 'local\.'      - 'process\.env'      - "config"      - "test"      - '\.hostname'      - 'host\.'      - '\.host$'      - '\.env'      - 'env\.'      - "settings"      - "string"      - "default"      - 'args\.'      - '^com\.'      - "error"      - "request"      - '(\d{1,3}).\1.\1.\1' # Rejects dummy IPs like 1.1.1.1      - '\.ip$'      - "grafana"      - "^api.weixin"      - "foobar"      - 'x{1,3}\.x{1,3}\.x{1,3}\.x{1,3}'      - '1\.2\.3\.4'      - 'www\.google\.com'      - 'bing\.com'  - type: AssignmentBanlistPostValidator    patterns:      - "allowed_hosts"      - '\.localhost'      - "^localhost$"      - "trusted[_.-]?host"      - "http"      - "proxy"      - "redis"      - "mongo"      - "m[sy]sql"      - "postgres"      - "ftp"      - "smtp"      - "zookeeper"      - "ldap"      - "mail"      - "callback"      - "repourl"      - "urllib3"      - "rpc"
password:  - type: CommonValueBanlistPostValidator  - type: CommonPasswordBanlistPostValidator  - type: ValueBanlistPostValidator    patterns:      - "encrypted"      - "false"      - "true"      - "self"      - "__vault__"      - "test1234"      - "abcd1234"      - "nil"      - "hidden"      - "string"      - '(\d)\1{4,}' #repeating digit 5 times or more      - "get_env"      - '\.env'      - "env[.(]"      - "^test$"      - 'args\.'      - "error"      - "request"      - '\.pem$'      - "^buf$"      - "pg[_.-]?pass"      - 'fs\.read'      - "required"      - "^masked$"      - "^hashed$"      - "^secured"      - "removed$"      - "^None"      - "^The$"      - '^\.\.\.$'      - 'models\.'      - "sha256"      - "md5"      - "^some-?pass$"      - '^getpass\.'      - "password"      - "^array$"      - "crypted"      - "credential"      - "^_?pwd,?$"      - "^null,?$"      - "^isnull"      - "username"      - "^user$"      - "^host[,=]"      - "dbhost"      - "config"      - "noreply"      - '\*\*\*\*'      - "optional"      - "database"      - "await"      - "function"      - "encode"      - '[,:\(\)]$'      - '\);$'      - "^,"      - "(?-i:^[A-Z_]*$)"  - type: HeuristicPostValidator    filters:      - file_path      - file_name  - type: AssignmentBanlistPostValidator    patterns:      - "proxy"      - "redis"      - "mongo"      - "m[sy]sql"      - "postgres"      - "ftp"      - "smtp"      - "zookeeper"      - "ldap"      - "mail"      - 'getpass\.'
username:  - type: CommonValueBanlistPostValidator  - type: CommonUsernameBanlistPostValidator  - type: ValueBanlistPostValidator    patterns:      - "db_user"      - "self"      - "true"      - "false"      - "__vault__"      - '^[\*x]+$'      - "^null$"      - "userinfo"      - "test"      - "nil"      - "string"      - "^str$"      - 'args\.'      - "error"      - "request"      - "pg[_.-]?user"      - 'fs\.read'      - "^masked$"      - "^blank$"      - "^flask_user$"      - "^someone$"      - "^some-?user$"      - "^return$"      - "^grafana$"      - "^err$"      - "^choose$"      - "^pwd$"      - "^mozilla$"      - "portal"  - type: AssignmentBanlistPostValidator    patterns:      - "user[_-]?agent"      - "proxy"      - "redis"      - "mongo"      - "m[sy]sql"      - "postgres"      - "ftp"      - "smtp"      - "zookeeper"      - "ldap"      - "mail"