From 72a7c41ba6cb613229f3d0df126cc7dfe8b2b75b Mon Sep 17 00:00:00 2001 From: Gwen Date: Thu, 9 Feb 2023 15:16:44 +0100 Subject: [PATCH] new github tokens format --- class.GitHubSearch.php | 2 +- github-contributors.py | 2 +- github-dorks.php | 2 +- github-dorks.py | 2 +- github-employees.py | 2 +- github-endpoints.py | 2 +- github-secrets.py | 2 +- github-subdomains.py | 2 +- github-survey/index.php | 2 +- github-survey2.py | 2 +- github-users.py | 2 +- gsearch-reflog.sh | 1 + 12 files changed, 12 insertions(+), 11 deletions(-) diff --git a/class.GitHubSearch.php b/class.GitHubSearch.php index 63050de..9e019de 100755 --- a/class.GitHubSearch.php +++ b/class.GitHubSearch.php @@ -49,7 +49,7 @@ public function __construct() $f_tokens = dirname(__FILE__).'/.tokens'; if( file_exists($f_tokens) ) { $content = file_get_contents( $f_tokens ); - $m = preg_match_all( '([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36})', $content, $matches ); + $m = preg_match_all( '([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36}|github_pat_[_a-zA-Z0-9]{82})', $content, $matches ); // var_dump($m); if( $m ) { $this->auth_token = $matches[0]; diff --git a/github-contributors.py b/github-contributors.py index f1610b8..6b6e60d 100755 --- a/github-contributors.py +++ b/github-contributors.py @@ -35,7 +35,7 @@ if os.path.isfile(TOKENS_FILE): fp = open(TOKENS_FILE,'r') for line in fp: - r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36})$', line ) + r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36}|github_pat_[_a-zA-Z0-9]{82})$', line ) if r: t_tokens.append( r.group(1) ) diff --git a/github-dorks.php b/github-dorks.php index 8539eee..4a16cdd 100755 --- a/github-dorks.php +++ b/github-dorks.php @@ -213,7 +213,7 @@ function usage( $err=null ) { $f_tokens = dirname(__FILE__).'/.tokens'; if( file_exists($f_tokens) ) { $content = file_get_contents( $f_tokens ); - $m = preg_match_all( '([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36})', $content, $matches ); + $m = preg_match_all( '([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36}|github_pat_[_a-zA-Z0-9]{82})', $content, $matches ); if( $m ) { $t_tokens = $matches[0]; } diff --git a/github-dorks.py b/github-dorks.py index 10838e1..bd6d4de 100755 --- a/github-dorks.py +++ b/github-dorks.py @@ -38,7 +38,7 @@ if os.path.isfile(TOKENS_FILE): fp = open(TOKENS_FILE,'r') for line in fp: - r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36})$', line ) + r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36}|github_pat_[_a-zA-Z0-9]{82})$', line ) if r: t_tokens.append( r.group(1) ) diff --git a/github-employees.py b/github-employees.py index 0908ad7..2fc2401 100755 --- a/github-employees.py +++ b/github-employees.py @@ -80,7 +80,7 @@ if os.path.isfile(TOKENS_FILE): fp = open(TOKENS_FILE,'r') for line in fp: - r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36})$', line ) + r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36}|github_pat_[_a-zA-Z0-9]{82})$', line ) if r: t_tokens.append( r.group(1) ) diff --git a/github-endpoints.py b/github-endpoints.py index 10903f7..4fc068c 100755 --- a/github-endpoints.py +++ b/github-endpoints.py @@ -212,7 +212,7 @@ def doGetCode( url ): if os.path.isfile(TOKENS_FILE): fp = open(TOKENS_FILE,'r') for line in fp: - r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36})$', line ) + r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36}|github_pat_[_a-zA-Z0-9]{82})$', line ) if r: t_tokens.append( r.group(1) ) diff --git a/github-secrets.py b/github-secrets.py index 403f2c5..1891d74 100755 --- a/github-secrets.py +++ b/github-secrets.py @@ -116,7 +116,7 @@ def doGetCode( url ): if os.path.isfile(TOKENS_FILE): fp = open(TOKENS_FILE,'r') for line in fp: - r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36})$', line ) + r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36}|github_pat_[_a-zA-Z0-9]{82})$', line ) if r: t_tokens.append( r.group(1) ) diff --git a/github-subdomains.py b/github-subdomains.py index 1d239fb..6fa0ac4 100755 --- a/github-subdomains.py +++ b/github-subdomains.py @@ -104,7 +104,7 @@ def doGetCode( url ): if os.path.isfile(TOKENS_FILE): fp = open(TOKENS_FILE,'r') for line in fp: - r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36})$', line ) + r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36}|github_pat_[_a-zA-Z0-9]{82})$', line ) if r: t_tokens.append( r.group(1) ) diff --git a/github-survey/index.php b/github-survey/index.php index 87d90da..5dea8aa 100644 --- a/github-survey/index.php +++ b/github-survey/index.php @@ -14,7 +14,7 @@ exit( 'Tokens file not found!' ); } $content = file_get_contents( $f_tokens ); -$m = preg_match_all( '([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36})', $content, $matches ); +$m = preg_match_all( '([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36}|github_pat_[_a-zA-Z0-9]{82})', $content, $matches ); if( $m ) { $t_tokens = $matches[0]; } diff --git a/github-survey2.py b/github-survey2.py index ecac5f8..0bfaa12 100755 --- a/github-survey2.py +++ b/github-survey2.py @@ -51,7 +51,7 @@ if os.path.isfile(TOKENS_FILE): fp = open(TOKENS_FILE,'r') for line in fp: - r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36})$', line ) + r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36}|github_pat_[_a-zA-Z0-9]{82})$', line ) if r: t_tokens.append( r.group(1) ) diff --git a/github-users.py b/github-users.py index 7142ad2..f0c21c0 100755 --- a/github-users.py +++ b/github-users.py @@ -33,7 +33,7 @@ if os.path.isfile(TOKENS_FILE): fp = open(TOKENS_FILE,'r') for line in fp: - r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36})$', line ) + r = re.search( '^([a-f0-9]{40}|ghp_[a-zA-Z0-9]{36}|github_pat_[_a-zA-Z0-9]{82})$', line ) if r: t_tokens.append( r.group(1) ) diff --git a/gsearch-reflog.sh b/gsearch-reflog.sh index 9b9e99d..f72a633 100755 --- a/gsearch-reflog.sh +++ b/gsearch-reflog.sh @@ -23,6 +23,7 @@ t_keywords=( "cloudfront.net" "blob.core.windows.net" 'ghp_' + 'github_pat_' 'AKIA[A-Z0-9]{16}' )