scanct


README

scanct

scanct searches certificate transparency logs for known self-hosted services, hoping to find exposed credentials such as AWS keys. See my blog post for a high-level overview.

Currently, the following software is detected:

  • GitLab: scanct clones repositories and scans for secrets using gitleaks.
  • Jenkins: scanct scans for open /script endpoints and downloads workspaces of jobs to scan for secrets with gitleaks.

Installation

  1. Install Go for your platform.
  2. Clone the repository: git clone https://github.com/rgwohlbold/scanct.
  3. Build the binary: go build -o scanct cmd/scanct/main.go.
  4. Run the binary: ./scanct <options>.

Usage

All flags are documented in main.go. scanct stores all its state in a SQLite database, instances.db (see the DatabaseFile constant). This makes it resilient to restarts: entries that have not been fully processed are retried on the next run.

License

scanct is licensed under the MIT license. See LICENSE for details.

This repository was adapted from shhgit and heavily modified, removing almost all of the original code in the process. shhgit is licensed under MIT; see https://github.com/eth0izzle/shhgit/blob/master/LICENSE for details.

Thanks to Lukas Radermacher (lukasrad02) and Tyron Franzke for initially implementing the GitLab scanner into shhgit.

Documentation

Index

Constants

// CTWorkers is the worker count used for the certificate-transparency import.
// NOTE(review): only the value is visible here; which stage it sizes
// (presumably Fan.Workers for CTProcessWorker) should be confirmed in the source.
const CTWorkers = 30
// DatabaseFile is the path of the SQLite database scanct persists its state to
// (see README). The path is relative, so it resolves against the working
// directory the binary is started from, not the binary's location.
// NOTE(review): this file holds harvested credentials in clear text
// (AWSKey.SecretKey, GitLab.Password/APIToken, Finding.Secret), so it should be
// created with restrictive permissions and kept out of version control.
const DatabaseFile = "./instances.db"

Variables

This section is empty.

Functions

func CTInputWorker

func CTInputWorker(config *CTConfig, startChan chan<- int64)

func CTOutputWorker

func CTOutputWorker(config *CTConfig, certChan <-chan []Certificate)

func CTProcessWorker

func CTProcessWorker(config *CTConfig, startChan <-chan int64, certChan chan<- []Certificate)

func ConnectLog

func ConnectLog(config *CTConfig) (*client.LogClient, error)

func FilterInputWorker

func FilterInputWorker[I, O any](filter ProcessStep[I, O], instanceChan chan<- I)

func FilterOutputWorker

func FilterOutputWorker[I, O any](filter ProcessStep[I, O], resultsChan <-chan ProcessResult[I, O])

func FilterProcessWorker

func FilterProcessWorker[I, O any](filter ProcessStep[I, O], instanceChan <-chan I, resultChan chan<- ProcessResult[I, O])

func Hash

func Hash(s string) string

func ImportCertificates

func ImportCertificates(config *CTConfig)

func PanicIfError

func PanicIfError(err error)

func RunProcessStep

func RunProcessStep[I, O any](step ProcessStep[I, O], workers int)

func Unique

func Unique[T comparable](slice []T) []T

Types

type AWSKey

// AWSKey is an AWS access key pair extracted from a Finding (GitLab source) or
// a JenkinsFinding (Jenkins source) and persisted via GORM.
type AWSKey struct {
	ID               int
	// AccessKey is unique per row (gorm uniqueIndex), so a key that was already
	// recorded cannot be inserted a second time by a re-scan.
	AccessKey        string `gorm:"uniqueIndex:accesskey"`
	// SecretKey is stored in clear text next to the access key.
	SecretKey        string
	// FindingID/Finding and JenkinsFindingID/JenkinsFinding link the key back to
	// its source; presumably only one of the two pairs is set per row — confirm.
	FindingID        int
	Finding          Finding `gorm:"foreignKey:FindingID"`
	JenkinsFindingID int
	JenkinsFinding   JenkinsFinding `gorm:"foreignKey:JenkinsFindingID"`
	// Arn is the ARN associated with the key. NOTE(review): how and when it is
	// populated is not visible here; GetUnprocessedAWSFindings suggests a later
	// processing step fills it in. (Go convention would spell this field ARN.)
	Arn              string
}

type CTConfig

// CTConfig configures the certificate-transparency import; ConnectLog,
// ImportCertificates and the CT*Worker functions all take it.
type CTConfig struct {
	// URL is presumably the base URL of the CT log handed to ConnectLog, which
	// returns a client.LogClient for it — confirm.
	URL                 string
	// GetEntriesRetries bounds how often a get-entries request is retried,
	// presumably per batch; confirm in CTProcessWorker.
	GetEntriesRetries   int
	// GetEntriesBatchSize is the number of log entries requested per call.
	GetEntriesBatchSize int64
	// NumCerts is the number of certificates to import. NOTE(review): whether it
	// is an absolute count or relative to Database.IndexRange is not visible here.
	NumCerts            int64
}

type Certificate

// Certificate is the subset of a CT log entry that scanct keeps: the subject
// names and the entry's position in the log.
type Certificate struct {
	// Subjects holds the names the certificate was issued for (presumably CN plus
	// SANs — confirm in CTProcessWorker); per the README these are what is
	// matched against the known self-hosted service patterns.
	Subjects []string
	// Index is the entry's index in the CT log; cf. Database.IndexRange.
	Index    int64
}

type Database

// Database wraps the connection to the SQLite file at DatabaseFile (presumably
// via GORM — the model structs carry gorm tags) and exposes the Add*,
// GetUnprocessed* and Set*Processed accessors used by the pipeline steps.
// Construct it with NewDatabase and release it with Close.
type Database struct {
	// contains filtered or unexported fields
}

func NewDatabase

func NewDatabase() (Database, error)

func (*Database) AddAWSKeys

func (d *Database) AddAWSKeys(k []AWSKey) error

func (*Database) AddGitLab

func (d *Database) AddGitLab(g []GitLab) error

func (*Database) AddJenkins

func (d *Database) AddJenkins(j []Jenkins) error

func (*Database) AddJenkinsJob

func (d *Database) AddJenkinsJob(o []JenkinsJob) error

func (*Database) Close

func (d *Database) Close()

func (*Database) GetUnprocessedAWSFindings

func (d *Database) GetUnprocessedAWSFindings() ([]Finding, error)

func (*Database) GetUnprocessedGitLabs

func (d *Database) GetUnprocessedGitLabs() ([]GitLab, error)

func (*Database) GetUnprocessedInstancesForGitlab

func (d *Database) GetUnprocessedInstancesForGitlab() ([]Instance, error)

func (*Database) GetUnprocessedInstancesForJenkins

func (d *Database) GetUnprocessedInstancesForJenkins() ([]Instance, error)

func (*Database) GetUnprocessedJenkins

func (d *Database) GetUnprocessedJenkins() ([]Jenkins, error)

func (*Database) GetUnprocessedJenkinsAWSFindings

func (d *Database) GetUnprocessedJenkinsAWSFindings() ([]JenkinsFinding, error)

func (*Database) GetUnprocessedJenkinsJobs

func (d *Database) GetUnprocessedJenkinsJobs() ([]JenkinsJob, error)

func (*Database) GetUnprocessedRepositories

func (d *Database) GetUnprocessedRepositories() ([]Repository, error)

func (*Database) IndexRange

func (d *Database) IndexRange() (int64, int64, error)

func (*Database) InsertRepositories

func (d *Database) InsertRepositories(repositories []Repository) error

func (*Database) LogFindings

func (d *Database) LogFindings(finding []Finding) error

func (*Database) SaveJenkinsFindings

func (d *Database) SaveJenkinsFindings(findings []JenkinsFinding) error

func (*Database) SetFindingProcessed

func (d *Database) SetFindingProcessed(finding *Finding) error

func (*Database) SetGitlabProcessed

func (d *Database) SetGitlabProcessed(gitlab *GitLab) error

func (*Database) SetInstanceProcessed

func (d *Database) SetInstanceProcessed(instance *Instance) error

func (*Database) SetJenkinsFindingProcessed

func (d *Database) SetJenkinsFindingProcessed(finding *JenkinsFinding) error

func (*Database) SetJenkinsJobProcessed

func (d *Database) SetJenkinsJobProcessed(job *JenkinsJob) error

func (*Database) SetJenkinsProcessed

func (d *Database) SetJenkinsProcessed(jenkins *Jenkins) error

func (*Database) SetRepositoryProcessed

func (d *Database) SetRepositoryProcessed(repository *Repository) error

func (*Database) StoreCertificates

func (d *Database) StoreCertificates(certs []Certificate) error

type Fan

// Fan is a generic fan-out pipeline: an InputWorker feeds a channel of I,
// Workers copies of ProcessWorker turn inputs into O values, and an
// OutputWorker drains the results. Run wires the channels together
// (inferred from the field types — confirm in Run).
type Fan[I any, O any] struct {
	// InputWorker produces the inputs; it receives the send side of the input
	// channel and is presumably expected to close it when done — confirm.
	InputWorker   func(chan<- I)
	// ProcessWorker consumes inputs and emits outputs.
	ProcessWorker func(<-chan I, chan<- O)
	// OutputWorker consumes the outputs.
	OutputWorker  func(<-chan O)
	// Workers is presumably the number of ProcessWorker goroutines started.
	Workers       int
	// InputBuffer and OutputBuffer are presumably the capacities of the input and
	// output channels; confirm in Run.
	InputBuffer   int
	OutputBuffer  int
}

func (Fan[I, O]) Run

func (f Fan[I, O]) Run()

type Finding

// Finding is a secret located by gitleaks in a cloned GitLab repository (see
// README). It is persisted via GORM with the secret value itself in clear text.
type Finding struct {
	ID           int
	RepositoryID int
	Repository   Repository `gorm:"foreignKey:RepositoryID"`
	// Secret is the matched value, stored unredacted.
	Secret       string
	// Commit, StartLine, EndLine, File and URL locate the match in the
	// repository. CommitDate is kept as a string rather than a time.Time.
	Commit       string
	StartLine    int
	EndLine      int
	File         string
	URL          string
	CommitDate   string
	// Rule is presumably the gitleaks rule that produced the match.
	Rule         string
	// Processed presumably marks whether the AWS-key follow-up step has consumed
	// this finding (see GetUnprocessedAWSFindings / SetFindingProcessed).
	Processed    bool
}

type GitLab

// GitLab is a detected GitLab instance (see README) together with the account
// scanct holds on it. The credentials are stored in clear text in the SQLite
// database.
type GitLab struct {
	ID          int
	InstanceID  int
	Instance    Instance `gorm:"foreignKey:InstanceID"`
	// AllowSignup presumably records whether the instance permits
	// self-registration — confirm in the GitLab detection step.
	AllowSignup bool
	// Email, Password and APIToken are the credentials used to talk to the
	// instance; presumably created via signup when AllowSignup is true — confirm.
	Email       string
	Password    string
	APIToken    string
	// Processed marks whether this instance has been handled by the repository
	// enumeration step (see GetUnprocessedGitLabs / SetGitlabProcessed).
	Processed   bool
	// BaseURL is unique per instance (gorm uniqueIndex).
	BaseURL     string `gorm:"uniqueIndex:git_labs_base_url"`
}

func (GitLab) GetInstanceID

func (g GitLab) GetInstanceID() int

func (GitLab) URL

func (g GitLab) URL() string

type Instance

// Instance is a candidate host taken from a CT certificate; it is the input to
// the GitLab and Jenkins detection steps (GetUnprocessedInstancesForGitlab /
// GetUnprocessedInstancesForJenkins).
type Instance struct {
	ID        int
	// Name is presumably the host name from the certificate's subjects; indexed
	// for lookups.
	Name      string `gorm:"index:index_name"`
	// Index is presumably the CT log index the name was taken from (cf.
	// Certificate.Index) and is indexed so IndexRange stays cheap — confirm.
	Index     int64  `gorm:"index:index_index"`
	Processed bool
}

type Jenkins

// Jenkins is a detected Jenkins instance (see README).
type Jenkins struct {
	ID           int
	InstanceID   int
	Instance     Instance `gorm:"foreignKey:InstanceID"`
	// AnonymousAPI presumably records whether the REST API answered without
	// authentication — inferred from the name, confirm.
	AnonymousAPI bool
	// BaseURL is unique per instance (gorm uniqueIndex).
	BaseURL      string `gorm:"uniqueIndex:jenkins_base_url"`
	Processed    bool
	// ScriptAccess records whether the /script endpoint was open (see README).
	// An openly reachable script console is a critical exposure of the
	// controller and is the result an operator should act on first.
	ScriptAccess bool
}

func (Jenkins) GetInstanceID

func (j Jenkins) GetInstanceID() int

type JenkinsFinding

// JenkinsFinding is a secret located by gitleaks in a downloaded Jenkins job
// workspace (see README); the Jenkins counterpart of Finding.
type JenkinsFinding struct {
	ID        int
	JobID     int
	Job       JenkinsJob `gorm:"foreignKey:JobID"`
	// Secret is the matched value, stored unredacted.
	Secret    string
	// StartLine, EndLine, File and URL locate the match in the workspace.
	StartLine int
	EndLine   int
	File      string
	URL       string
	// Rule is presumably the gitleaks rule that produced the match.
	Rule      string
	// Processed presumably marks whether the AWS-key follow-up step has consumed
	// this finding (see GetUnprocessedJenkinsAWSFindings /
	// SetJenkinsFindingProcessed).
	Processed bool
}

type JenkinsJob

// JenkinsJob is a job discovered on a Jenkins instance whose workspace is
// downloaded and scanned (see README).
type JenkinsJob struct {
	ID        int
	JenkinsID int
	Jenkins   Jenkins `gorm:"foreignKey:JenkinsID"`
	Name      string
	// URL is unique per job (gorm uniqueIndex).
	URL       string `gorm:"uniqueIndex:jenkins_jobs_url"`
	// Processed marks whether the workspace has been fetched and scanned (see
	// GetUnprocessedJenkinsJobs / SetJenkinsJobProcessed).
	Processed bool
}

type ProcessResult

// ProcessResult carries one input through the pipeline together with the
// outputs ProcessStep.Process returned for it, or the error it failed with.
type ProcessResult[I, O any] struct {
	Input  I
	Output []O
	// Error is non-nil when Process failed for Input. NOTE(review): whether
	// FilterOutputWorker still marks such inputs processed, or leaves them for a
	// retry on the next run, is not visible here.
	Error  error
}

type ProcessStep

// ProcessStep is one database-backed stage of the scanner. RunProcessStep
// presumably pulls UnprocessedInputs, calls Process on each with the given
// number of workers, persists the outputs with SaveResult and marks the input
// with SetProcessed (ordering inferred from the Filter*Worker signatures —
// confirm). Because inputs are only marked once handled, a run that is
// interrupted retries them on restart (see README).
type ProcessStep[I, O any] interface {
	// UnprocessedInputs returns the inputs not yet marked processed.
	UnprocessedInputs(db *Database) ([]I, error)
	// Process handles one input and returns the outputs it produced.
	Process(*I) ([]O, error)
	// SetProcessed marks one input as handled.
	SetProcessed(*Database, *I) error
	// SaveResult persists the outputs produced for one input.
	SaveResult(*Database, []O) error
}

type Repository

// Repository is a project discovered on a GitLab instance; CloneURL derives the
// URL used to clone it.
type Repository struct {
	ID        int
	// GitLabID and Name together form the unique index "repo", so a project is
	// recorded at most once per instance.
	GitLabID  int    `gorm:"uniqueIndex:repo"`
	GitLab    GitLab `gorm:"foreignKey:GitLabID"`
	Name      string `gorm:"uniqueIndex:repo"`
	// Processed marks whether the repository has been cloned and scanned (see
	// GetUnprocessedRepositories / SetRepositoryProcessed).
	Processed bool
}

func (*Repository) CloneURL

func (r *Repository) CloneURL() string

Directories

Path Synopsis
cmd
