Merge pull request #327 from gm3dmo/issue323

testing base64 for #323
gm3dmo · Feb 24, 2025 · de70197 · de70197
2 parents fe20620 + 3a3451a
commit de70197
Showing 1 changed file with 16 additions and 2 deletions.
diff --git a/test-commit-secret.sh b/test-commit-secret.sh
@@ -34,10 +34,20 @@ fi
 function github_pat () { 
     gh1=ghp_9
     gh2=gDO8kvREKK9toy7CsUunZEY77XvGA1pNv5F
+    export gh1 gh2
     echo "Commit: GitHub PAT"
     echo export GITHUB_TOKEN=${gh1}${gh2} >github.token.compromised.secret.txt
 }
 
+function github_pat_base64 () { 
+    # https://github.blog/changelog/2025-02-14-secret-scanning-detects-base64-encoded-github-tokens/
+    gh1=ghp_9
+    gh2=gDO8kvREKK9toy7CsUunZEY77XvGA1pNv5F
+    echo "Commit: GitHub PAT Base64"
+    pat_base64=$(echo ${gh1}${gh2} | ../../base64encode.py)
+    echo export ${pat_base64} >github.token.base64.compromised.secret.txt
+}
+
 function entra_1 () {
    entra1_1="eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIng1dCI6IjdfWnVmMXR2a3dMeFlhSFMzcTZsVWpVWUlHdyIsImtpZCI6IjdfWnVmMXR2a3dMeFlhSFMzcTZsVWpVWUlHdyJ9"
    entra1_2=".eyJhdWQiOiJiMTRhNzUwNS05NmU5LTQ5MjctOTFlOC0wNjAxZDBmYzljYWEiLCJpc3MiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC9mYTE1ZDY5Mi1lOWM3LTQ0NjAtYTc0My0yOWYyOTU2ZmQ0MjkvIiwiaWF0IjoxNTM2Mjc1MTI0LCJuYmYiOjE1MzYyNzUxMjQsImV4cCI6MTUzNjI3OTAyNCwiYWlvIjoiQVhRQWkvOElBQUFBcXhzdUIrUjREMnJGUXFPRVRPNFlkWGJMRDlrWjh4ZlhhZGVBTTBRMk5rTlQ1aXpmZzN1d2JXU1hodVNTajZVVDVoeTJENldxQXBCNWpLQTZaZ1o5ay9TVTI3dVY5Y2V0WGZMT3RwTnR0Z2s1RGNCdGsrTExzdHovSmcrZ1lSbXY5YlVVNFhscGhUYzZDODZKbWoxRkN3PT0iLCJhbXIiOlsicnNhIl0sImVtYWlsIjoiYWJlbGlAbWljcm9zb2Z0LmNvbSIsImZhbWlseV9uYW1lIjoiTGluY29sbiIsImdpdmVuX25hbWUiOiJBYmUiLCJpZHAiOiJodHRwczovL3N0cy53aW5kb3dzLm5ldC83MmY5ODhiZi04NmYxLTQxYWYtOTFhYi0yZDdjZDAxMWRiNDcvIiwiaXBhZGRyIjoiMTMxLjEwNy4yMjIuMjIiLCJuYW1lIjoiYWJlbGkiLCJub25jZSI6IjEyMzUyMyIsIm9pZCI6IjA1ODMzYjZiLWFhMWQtNDJkNC05ZWMwLTFiMmJiOTE5NDQzOCIsInJoIjoiSSIsInN1YiI6IjVfSjlyU3NzOC1qdnRfSWN1NnVlUk5MOHhYYjhMRjRGc2dfS29vQzJSSlEiLCJ0aWQiOiJmYTE1ZDY5Mi1lOWM3LTQ0NjAtYTc0My0yOWYyOTU2ZmQ0MjkiLCJ1bmlxdWVfbmFtZSI6IkFiZUxpQG1pY3Jvc29mdC5jb20iLCJ1dGkiOiJMeGVfNDZHcVRrT3BHU2ZUbG40RUFBIiwidmVyIjoiMS4wIn0=.UJQrCA6qn2bXq57qzGX_-D3HcPHqBMOKDPx4su1yKRLNErVD8xkxJLNLVRdASHqEcpyDctbdHccu6DPpkq5f0ibcaQFhejQNcABidJCTz0Bb2AbdUCTqAzdt9pdgQvMBnVH1xk3SCM6d4BbT4BkLLj10ZLasX7vRknaSjE_C5DI7Fg4WrZPwOhII1dB0HEZ_qpNaYXEiy-o94UJ94zCr07GgrqMsfYQqFR7kn-mn68AjvLcgwSfZvyR_yIK75S_K37vC3QryQ7cNoafDe9upql_6pB2ybMVlgWPs_DmbJ8g0om-sPlwyn74Cc1tW3ze-Xptw_2uVdPgWyqfuWAfq6Q"
@@ -166,9 +176,12 @@ case ${keyname} in
  datadog_api_key)
      datadog_api_key
      ;;
- github)
+ github_pat)
     github_pat
     ;;
+ github_pat_base64)
+    github_pat_base64
+    ;;
  google_api_key)
     google_api_key 
     ;;
@@ -183,6 +196,7 @@ case ${keyname} in
     ;;
  all)
     github_pat
+    github_pat_base64
     gh_app_installation
     google_api_key
     azure_storage
@@ -198,7 +212,7 @@ case ${keyname} in
     ;;
  *)
    echo 
-   echo "Please pass a name of token to compromise: [ azure_storage, github, google_api_key, npm_granular, gh_app_installation, aws_access_key_id, aws_secret_access_key, aws_secret_access_key_id_combo, datadog_api_key, firebase entra_1, entra_2 ]"
+   echo "Please pass a name of token to compromise: [ azure_storage, github, google_api_key, npm_granular, gh_app_installation, aws_access_key_id, aws_secret_access_key, aws_secret_access_key_id_combo, datadog_api_key, firebase entra_1, entra_2, github_pat_base64 ]"
    echo 
    ;;
 esac