ServiceNow Generic password
Description
General
This detector is a variant of the generic_password detector. It works only on ServiceNow configuration files known to contain passwords. ServiceNow configuration files are XML files whose names either start with sys_dictionary_ or end with _<suffix>.xml, where <suffix> is a hexadecimal string of 32 characters.
It searches for secrets in XML elements commonly associated with secrets, such as <access_token>, <password> or <private_key>.
Since its focus is narrower than that of the generic_password detector, it can report simpler passwords that generic_password would consider false positives. For example, it won't exclude dictionary words.
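The scoping described above, sketched as an added example (not GitGuardian's implementation): it applies the filename rule, then reports non-empty values of the element names mentioned on this page. Requiring a .xml extension for sys_dictionary_ files, case-insensitive matching, skipping files that declare a DTD, and the sample file are assumptions.

```python
import os
import re
import xml.etree.ElementTree as ET

# Filename rule from the text: "_<32 hex chars>.xml" suffix or "sys_dictionary_" prefix.
# Assumption: matching is case-insensitive and prefix-matched files also end in .xml.
_HEX_SUFFIX = re.compile(r"_[0-9a-f]{32}\.xml$", re.IGNORECASE)
_XML_EXT = re.compile(r"\.xml$", re.IGNORECASE)

# Element names that appear on this page; the detector's full list is not given here.
SECRET_TAGS = {"access_token", "password", "private_key",
               "client_secret", "secret_key", "token"}

def is_servicenow_config(path):
    """Return True if the file name matches the ServiceNow naming rule."""
    name = os.path.basename(path)
    if not _XML_EXT.search(name):
        return False
    return name.startswith("sys_dictionary_") or bool(_HEX_SUFFIX.search(name))

def find_candidate_secrets(path, xml_text):
    """Return (element, value) pairs for secret-like elements, in document order."""
    if not is_servicenow_config(path):
        return []
    # The stdlib parser is not hardened against entity expansion, so files
    # declaring a DTD or entities are skipped rather than parsed (assumption).
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        return []
    try:
        root = ET.fromstring(xml_text)
    except ET.ParseError:
        return []
    hits = []
    for elem in root.iter():
        tag = elem.tag.rsplit("}", 1)[-1].lower()  # drop any XML namespace
        value = (elem.text or "").strip()
        # No dictionary-word filter: a value such as "horse" is still reported.
        if tag in SECRET_TAGS and value:
            hits.append((tag, value))
    return hits

# Constructed sample input, not taken from a real ServiceNow export.
SAMPLE_PATH = "export/record_0123456789abcdef0123456789abcdef.xml"
SAMPLE_XML = ("<record_update><item><name>demo</name>"
              "<client_secret>Admin!Pass99</client_secret>"
              "<secret_key>horse</secret_key></item></record_update>")

if __name__ == "__main__":
    for tag, value in find_candidate_secrets(SAMPLE_PATH, SAMPLE_XML):
        print(f"{tag}: {len(value)} characters")  # avoid echoing the secret itself
```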
Revoke the secret
This detector catches generic passwords, so GitGuardian cannot infer which service is concerned. To properly revoke the password:
- Understand what service is impacted.
- Refer to the corresponding documentation to know how to revoke and rotate the secret.
Examples
Examples that WILL be caught
- text: |
    <client_secret>Admin!Pass99</client_secret>
  password: Admin!Pass99
- text: |
    <secret_key>horse</secret_key>
  password: horse
- text: |
    <token>sunshine.rainbow12</token>
  password: sunshine.rainbow12