24 lines
850 B
YAML
24 lines
850 B
YAML
id: reactapp-password
|
|
|
|
info:
|
|
name: React App Password
|
|
author: DhiyaneshDK
|
|
severity: info
|
|
reference:
|
|
- https://github.com/praetorian-inc/noseyparker/blob/main/crates/noseyparker/data/default/builtin/rules/react.yml
|
|
- https://create-react-app.dev/docs/adding-custom-environment-variables/
|
|
- https://stackoverflow.com/questions/48699820/how-do-i-hide-an-api-key-in-create-react-app
|
|
metadata:
|
|
verified: true
|
|
tags: react,keys,file
|
|
|
|
file:
|
|
- extensions:
|
|
- all
|
|
|
|
extractors:
|
|
- type: regex
|
|
part: body
|
|
regex:
|
|
- \bREACT_APP(?:_[A-Z0-9]+)*_PASS(?:\s+WORD)?\s*=\s*['"]?([^\s'"$]{6,})(?:[\s'"$]|$)
|
|
# digest: 4b0a00483046022100b4791a0989f14242e6ffe187281643b8b1417e5aba7fe98f353e37dbdc2ffb6c022100c3eee981ff792f8372f7f9292d0e73e0718b69a12d6d40ba0a58dff15dc3f948:922c64590222798bb761d5b6d8e72950 |