Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Detect Slack workflows webhook #2569

Merged
merged 2 commits into from
Apr 19, 2024
Merged

Detect Slack workflows webhook #2569

merged 2 commits into from
Apr 19, 2024

Conversation

juliendoutre
Copy link
Contributor

@juliendoutre juliendoutre commented Mar 12, 2024
edited
Loading

Description:

This PR implements the solution proposed in #2571 to detect another type of Slack Webhook URLs.

Checklist:

  • Tests passing (make test-community)?
  • Lint passing (make lint this requires golangci-lint)?

@juliendoutre juliendoutre mentioned this pull request Mar 13, 2024
Closed
@juliendoutre juliendoutre marked this pull request as ready for review March 13, 2024 11:04
@juliendoutre juliendoutre requested a review from a team as a code owner March 13, 2024 11:04
@juliendoutre juliendoutre force-pushed the julien.doutre/slack-workflow-webhooks branch from 841c20f to cd1d9c9 Compare March 19, 2024 14:46
ahrav
ahrav reviewed Apr 10, 2024
View reviewed changes
pkg/detectors/slackwebhook/slackwebhook.go
keyPat = regexp.MustCompile(`(https://hooks\.slack\.com/services/T[A-Z0-9]+/B[A-Z0-9]+/[A-Za-z0-9]{23,25})`)
keyPats = map[string]*regexp.Regexp{
"Slack Service Web Hook": regexp.MustCompile(`(https://hooks\.slack\.com/services/T[A-Z0-9]+/B[A-Z0-9]+/[A-Za-z0-9]{23,25})`),
"Slack Workflow Web Hook ": regexp.MustCompile(`(https://hooks\.slack\.com/workflows/T[A-Z0-9]+/A[A-Z0-9]+/[0-9]{17,19}/[A-Za-z0-9]{23,25})`),
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

question: I'm not intimately familiar with slack webhooks, but when I go into our slack to create a workflow the "Web request URL" I am getting looks like https://hooks.slack.com/triggers/TEL4..../69.../... Is this because Slack updated the format of the URL or i'm just setting it up in the wrong place.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

No you're right, this format seems to be a legacy one already.

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great, thanks for confirming.

ahrav
ahrav approved these changes Apr 19, 2024
View reviewed changes
Copy link
Collaborator

@ahrav ahrav left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks a lot @juliendoutre for the update here, we really appreciate it! Sorry for the delayed review.

@ahrav ahrav merged commit 32652a7 into trufflesecurity:main Apr 19, 2024
1 check passed
@BrewTestBot BrewTestBot mentioned this pull request Apr 24, 2024
Merged
@juliendoutre juliendoutre deleted the julien.doutre/slack-workflow-webhooks branch April 25, 2024 09:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ahrav ahrav ahrav approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@juliendoutre @ahrav