PaulDotCom mailing list archives
Re: RegEx and Grep for PII and Pentest Useful Info?
From: TheTolik <thetolik () yahoo com>
Date: Tue, 26 Jun 2012 21:05:40 -0700 (PDT)
Adrian,
For an all-inclusive set regardless of spacing or separators, you can try using:
\b(?:\d[ -]*?){13,16}\b
In trying to make it more robust, you may also want to include patterns for magstripe track data
________________________________
From: Michael Allen <sector876 () gmail com>
To: PaulDotCom Security Weekly Mailing List <pauldotcom () mail pauldotcom com>
Sent: Tuesday, June 26, 2012 4:46 PM
Subject: Re: [Pauldotcom] RegEx and Grep for PII and Pentest Useful Info?
Have you looked at
http://regexlib.com/ ?
Regards,
Michael
On Tue, Jun 26, 2012 at 8:15 AM, Adrian Crenshaw <irongeek () irongeek com> wrote:
Hi all,
I'm looking for good regular expressions to find PII and useful info for a pentest. I've been using things like:
password|^(\d{3}-\d{2}-\d{4})|(\d{3}\d{2}\d{4})$
to search for passwords in notes and source code, as well as SSN#s. I'd like to throw credit cards in there, but none
of the regex I've seen for that seem to work in grepwin. I want to "or" them all together to do it in one sweep. Any
other good strings to add?
Thanks,
Adrian
--
"The ability to quote is a serviceable substitute for wit." ~ W. Somerset Maugham
"The ability to Google can be a serviceable substitute for technical knowledge." ~ Adrian D. Crenshaw
Academic Freedom, Ignored Grievances, FERPA and Open Records Requests, Oh My:
http://www.irongeek.com/i.php?page=reviews/ius-mba-program
--
"The ability to quote is a serviceable substitute for wit." ~ W. Somerset Maugham
"The ability to Google can be a serviceable substitute for technical knowledge." ~ Adrian D. Crenshaw
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com
-- Michael Allen Information Systems Security Officer GIAC Certified(GPEN, GWAPT) CEH - OSCP _______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
_______________________________________________ Pauldotcom mailing list Pauldotcom () mail pauldotcom com http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
Current thread:
- RegEx and Grep for PII and Pentest Useful Info? Adrian Crenshaw (Jun 26)
- Re: RegEx and Grep for PII and Pentest Useful Info? Xavier Mertens (Jun 26)
- Re: RegEx and Grep for PII and Pentest Useful Info? Robin Wood (Jun 26)
- Re: RegEx and Grep for PII and Pentest Useful Info? Michael Allen (Jun 26)
- Re: RegEx and Grep for PII and Pentest Useful Info? TheTolik (Jun 27)
- Re: RegEx and Grep for PII and Pentest Useful Info? Adrian Crenshaw (Jun 27)