feat(telegram): add username to extradata (#2100)

trufflesecurity · Nov 20, 2023 · 62c628f · 62c628f
1 parent 9e88cdf
commit 62c628f
Showing 1 changed file with 27 additions and 2 deletions.
diff --git a/pkg/detectors/telegrambottoken/telegrambottoken.go b/pkg/detectors/telegrambottoken/telegrambottoken.go
@@ -2,6 +2,8 @@ package telegrambottoken
 
 import (
 	"context"
+	"encoding/json"
+
 	//	"fmt"
 	"net/http"
 	"regexp"
@@ -22,13 +24,15 @@ var (
 
 	// https://core.telegram.org/bots#6-botfather
 	// thanks https://stackoverflow.com/questions/61868770/tegram-bot-api-token-format
-	keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"telegram"}) + `\b([0-9]{8,10}:[a-zA-Z0-9_-]{35})\b`)
+	keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"telegram", "tgram://"}) + `\b([0-9]{8,10}:[a-zA-Z0-9_-]{35})\b`)
 )
 
 // Keywords are used for efficiently pre-filtering chunks.
 // Use identifiers in the secret preferably, or the provider name.
 func (s Scanner) Keywords() []string {
-	return []string{"telegram"}
+	// Apprise uses the `tgram://` url scheme.
+	// https://github.com/caronc/apprise/wiki/Notify_telegram
+	return []string{"telegram", "tgram"}
 }
 
 // FromData will find and optionally verify TelegramBotToken secrets in a given set of bytes.
@@ -54,11 +58,20 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 			if err != nil {
 				continue
 			}
+
 			res, err := client.Do(req)
 			if err == nil {
 				defer res.Body.Close()
 				if res.StatusCode >= 200 && res.StatusCode < 300 {
 					s1.Verified = true
+
+					apiRes := apiResponse{}
+					err := json.NewDecoder(res.Body).Decode(&apiRes)
+					if err == nil && apiRes.Ok {
+						s1.ExtraData = map[string]string{
+							"username": apiRes.Result.Username,
+						}
+					}
 				} else {
 					if detectors.IsKnownFalsePositive(key, detectors.DefaultFalsePositives, true) {
 						continue
@@ -73,6 +86,18 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
 	return results, nil
 }
 
+// https://core.telegram.org/bots/api#making-requests
+type apiResponse struct {
+	Ok     bool          `json:"ok"`
+	Result *userResponse `json:"result"`
+}
+
+// https://core.telegram.org/bots/api#user
+type userResponse struct {
+	IsBot    bool   `json:"is_bot"`
+	Username string `json:"username"`
+}
+
 func (s Scanner) Type() detectorspb.DetectorType {
 	return detectorspb.DetectorType_TelegramBotToken
 }