|
13 | 13 | 'pgp_private': re.compile(r'BEGIN PGP PRIVATE', re.I),
|
14 | 14 | 'ssh_private': re.compile(r'BEGIN RSA PRIVATE', re.I),
|
15 | 15 | 'db_keywords': [
|
16 |
| - re.compile( |
17 |
| - r'((customers?|email|users?|members?|acc(?:oun)?ts?)([-_|/\s]?(address|name|id[^")a-zA-Z0-9_]|[-_:|/\\])))', re.I), |
18 |
| - re.compile( |
19 |
| - r'((\W?pass(wor)?d|hash)[\s|:])', re.I), |
20 |
| - re.compile( |
21 |
| - r'((\btarget|\bsite)\s*?:?\s*?(([a-z][\w-]+:/{1,3})?([-\w\s_/]+\.)*[\w=/?%]+))', re.I), # very basic URL check - may be improved later |
22 |
| - re.compile( |
23 |
| - r'(my\s?sql[^i_\.]|sql\s*server)', re.I), |
24 |
| - re.compile( |
25 |
| - r'((host|target)[-_\s]+ip:)', re.I), |
26 |
| - re.compile( |
27 |
| - r'(data[-_\s]*base|\Wdb)', re.I), # added the non-word char before db.. we'll see if that helps |
| 16 | + re.compile(r'((customers?|email|users?|members?|acc(?:oun)?ts?)([-_|/\s]?(address|name|id[^")a-zA-Z0-9_]|[-_:|/\\])))', re.I), |
| 17 | + re.compile(r'((\W?pass(wor)?d|hash)[\s|:])', re.I), |
| 18 | + re.compile(r'((\btarget|\bsite)\s*?:?\s*?(([a-z][\w-]+:/{1,3})?([-\w\s_/]+\.)*[\w=/?%]+))', re.I), # very basic URL check - may be improved later |
| 19 | + re.compile(r'(my\s?sql[^i_\.]|sql\s*server)', re.I), |
| 20 | + re.compile(r'((host|target)[-_\s]+ip:)', re.I), |
| 21 | + re.compile(r'(data[-_\s]*base|\Wdb)', re.I), # added the non-word char before db.. we'll see if that helps |
28 | 22 | re.compile(r'(table\s*?:)', re.I),
|
29 |
| - re.compile( |
30 |
| - r'((available|current)\s*(databases?|dbs?)\W)', re.I), |
| 23 | + re.compile(r'((available|current)\s*(databases?|dbs?)\W)', re.I), |
31 | 24 | re.compile(r'(hacked\s*by)', re.I)
|
32 | 25 | ],
|
33 |
| - 'blacklist': [ # I was hoping to not have to make a blacklist, but it looks like I don't really have a choice |
34 |
| - re.compile( |
35 |
| - r'(select\s+.*?from|join|declare\s+.*?\s+as\s+|update.*?set|insert.*?into)', re.I), # SQL |
36 |
| - re.compile( |
37 |
| - r'(define\(.*?\)|require_once\(.*?\))', re.I), # PHP |
38 |
| - re.compile( |
39 |
| - r'(function.*?\(.*?\))', re.I), |
40 |
| - re.compile( |
41 |
| - r'(Configuration(\.Factory|\s*file))', re.I), |
42 |
| - re.compile( |
43 |
| - r'((border|background)-color)', re.I), # Basic CSS (Will need to be improved) |
44 |
| - re.compile( |
45 |
| - r'(Traceback \(most recent call last\))', re.I), |
46 |
| - re.compile( |
47 |
| - r'(java\.(util|lang|io))', re.I), |
| 26 | + # I was hoping to not have to make a blacklist, but it looks like I don't really have a choice |
| 27 | + 'blacklist': [ |
| 28 | + re.compile(r'(select\s+.*?from|join|declare\s+.*?\s+as\s+|update.*?set|insert.*?into)', re.I), # SQL |
| 29 | + re.compile(r'(define\(.*?\)|require_once\(.*?\))', re.I), # PHP |
| 30 | + re.compile(r'(function.*?\(.*?\))', re.I), |
| 31 | + re.compile(r'(Configuration(\.Factory|\s*file))', re.I), |
| 32 | + re.compile(r'((border|background)-color)', re.I), # Basic CSS (Will need to be improved) |
| 33 | + re.compile(r'(Traceback \(most recent call last\))', re.I), |
| 34 | + re.compile(r'(java\.(util|lang|io))', re.I), |
48 | 35 | re.compile(r'(sqlserver\.jdbc)', re.I)
|
49 | 36 | ],
|
50 | 37 | # The banlist is the list of regexes that are found in crash reports
|
|
0 commit comments