Issue gitleaks#980: Add support for Telegram Bot API Token

b4bay · Sep 14, 2022 · 091fee9 · 091fee9
1 parent 6202053
commit 091fee9
Show file tree

Hide file tree

Showing 3 changed files with 53 additions and 0 deletions.
diff --git a/cmd/generate/config/main.go b/cmd/generate/config/main.go
@@ -141,6 +141,7 @@ func main() {
 	configRules = append(configRules, rules.SquareSpaceAccessToken())
 	configRules = append(configRules, rules.SumoLogicAccessID())
 	configRules = append(configRules, rules.SumoLogicAccessToken())
+	configRules = append(configRules, rules.TelegramBotToken())
 	configRules = append(configRules, rules.TravisCIAccessToken())
 	configRules = append(configRules, rules.Twilio())
 	configRules = append(configRules, rules.TwitchAPIToken())

diff --git a/cmd/generate/config/rules/telegram.go b/cmd/generate/config/rules/telegram.go
@@ -0,0 +1,43 @@
+package rules
+
+import (
+	"math/rand"
+	"regexp"
+	"strconv"
+
+	"github.com/zricethezav/gitleaks/v8/cmd/generate/secrets"
+	"github.com/zricethezav/gitleaks/v8/config"
+)
+
+func TelegramBotToken() *config.Rule {
+	// define rule
+	r := config.Rule{
+		Description: "Telegram Bot API Token",
+		RuleID:      "telegram-bot-api-token",
+		SecretGroup: 1,
+		Regex:       regexp.MustCompile(`(?i)(?:^|[^0-9])([0-9]{5,16}:A[a-zA-Z0-9_\-]{34})(?:$|[^a-zA-Z0-9_\-])`),
+		Keywords: []string{
+			"telegram",
+			"api",
+			"bot",
+			"token",
+			"url",
+		},
+	}
+
+	// validate
+	token := secrets.NewSecret(numeric(strconv.Itoa(rand.Intn(11)+5)) + ":A" + alphaNumericExtendedShort("34"))
+	tps := []string{
+		// variable assigment
+		generateSampleSecret("telegram", token),
+		// URL contaning token
+		generateSampleSecret("url", "https://api.telegram.org/bot"+token+"/sendMessage"),
+		// object constructor
+		`const bot = new Telegraf("` + token + `")`,
+		// .env
+		`API_TOKEN = ` + token,
+		// YAML
+		`bot: ` + token,
+	}
+	return validate(r, tps, nil)
+}
diff --git a/config/gitleaks.toml b/config/gitleaks.toml
@@ -2577,6 +2577,15 @@ keywords = [
     "sumo",
 ]
 
+[[rules]]
+description = "Telegram Bot API Token"
+id = "telegram-bot-api-token"
+regex = '''(?i)(?:^|[^0-9])([0-9]{5,16}:A[a-zA-Z0-9_\-]{34})(?:$|[^a-zA-Z0-9_\-])'''
+secretGroup = 1
+keywords = [
+    "telegram","api","bot","token","url",
+]
+
 [[rules]]
 description = "Travis CI Access Token"
 id = "travisci-access-token"