id: jenkins-token

info:
  name: Jenkins Token or Crumb
  author: DhiyaneshDK
  severity: info
  reference:
    - https://github.com/praetorian-inc/noseyparker/blob/main/data/default/rules/jenkins.yml
    - https://www.jenkins.io/blog/2018/07/02/new-api-token-system/
    - https://www.jenkins.io/doc/book/security/csrf-protection/
  metadata:
    verified: true
  tags: file,keys,jenkins,crumb,token
file:
  - extensions:
      - all

    extractors:
      - type: regex
        part: body
        regex:
          - '(?i)jenkins.{0,10}(?:crumb)?.{0,10}\b([0-9a-f]{32,36})\b'
# digest: 4b0a00483046022100bbae117ce6e36c2edabf974fd82254d93119455c3ffaae610bba874bb154fd14022100c94a0e7d792202691a4e8608e7cefcf2bcd0323c9b4c9dacb555345000ec4b0b:922c64590222798bb761d5b6d8e72950