Merge 1952cb4 into 8b78c98

d-Rickyy-b · Oct 19, 2019 · 2fd2d29 · 2fd2d29
2 parents 8b78c98 + 1952cb4
commit 2fd2d29
Show file tree

Hide file tree

Showing 3 changed files with 79 additions and 0 deletions.
diff --git a/pastepwn/analyzers/__init__.py b/pastepwn/analyzers/__init__.py
@@ -4,6 +4,7 @@
 from .awsaccesskeyanalyzer import AWSAccessKeyAnalyzer
 from .awssecretkeyanalyzer import AWSSecretKeyAnalyzer
 from .awssessiontokenanalyzer import AWSSessionTokenAnalyzer
+from .azuresubscriptionkeyanalyzer import AzureSubscriptionKeyAnalyzer
 from .base64analyzer import Base64Analyzer
 from .basicanalyzer import BasicAnalyzer
 from .battlenetkeyanalyzer import BattleNetKeyAnalyzer
@@ -45,6 +46,7 @@
     'AWSSecretKeyAnalyzer',
     'AWSAccessKeyAnalyzer',
     'AWSSessionTokenAnalyzer',
+    'AzureSubscriptionKeyAnalyzer',
     'Base64Analyzer',
     'BasicAnalyzer',
     'BattleNetKeyAnalyzer',

diff --git a/pastepwn/analyzers/azuresubscriptionkeyanalyzer.py b/pastepwn/analyzers/azuresubscriptionkeyanalyzer.py
@@ -0,0 +1,16 @@
+# -*- coding: utf-8 -*-
+from .regexanalyzer import RegexAnalyzer
+
+
+class AzureSubscriptionKeyAnalyzer(RegexAnalyzer):
+    """
+    Analyzer to match Azure subscription key via regex
+
+    Keys are 32 character alphanumeric (lower case)
+    """
+    name = "AzureSubscriptionKeyAnalyzer"
+
+    def __init__(self, actions):
+        # https://docs.microsoft.com/en-us/azure/api-management/api-management-subscriptions
+        regex = r"\b[a-f0-9]{32}\b"
+        super().__init__(actions, regex)
diff --git a/pastepwn/analyzers/tests/azuresubscriptionkeyanalyzer_test.py b/pastepwn/analyzers/tests/azuresubscriptionkeyanalyzer_test.py
@@ -0,0 +1,61 @@
+# -*- coding: utf-8 -*-
+import unittest
+from unittest import mock
+
+from pastepwn.analyzers.azuresubscriptionkeyanalyzer import AzureSubscriptionKeyAnalyzer
+
+
+class TestAzureSubscriptionKeyAnalyzer(unittest.TestCase):
+
+    def setUp(self):
+        self.analyzer = AzureSubscriptionKeyAnalyzer(None)
+        self.paste = mock.Mock()
+
+    def test_match_positive(self):
+        """Test if positives are recognized"""
+        # google key dump
+        self.paste.body = "74796abfc83c49bba7458746266abd28"
+        self.assertTrue(self.analyzer.match(self.paste))
+
+        # google key dump
+        self.paste.body = "00000000000000000000000000000000"
+        self.assertTrue(self.analyzer.match(self.paste))
+
+        # google key dump
+        self.paste.body = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+        self.assertTrue(self.analyzer.match(self.paste))
+
+        # google key dump
+        self.paste.body = "a32324343543bcdea32324343543bcde"
+        self.assertTrue(self.analyzer.match(self.paste))
+
+        # key appearing in the middle of a string
+        self.paste.body = "my azure key is: a32324343543bcdea32324343543bcde, aaaa"
+        self.assertTrue(self.analyzer.match(self.paste))
+
+    def test_match_negative(self):
+        """Test if negatives are not recognized"""
+        self.paste.body = ""
+        self.assertFalse(self.analyzer.match(self.paste))
+
+        self.paste.body = None
+        self.assertFalse(self.analyzer.match(self.paste))
+
+        # Invalid characters
+        self.paste.body = "aaaaaaaaaaaaaaa-aaaaaaaaaaaaaaaa"
+        self.assertFalse(self.analyzer.match(self.paste))
+
+        # Invalid casing
+        self.paste.body = "AAAAAAAABBBB11111111111111111111"
+        self.assertFalse(self.analyzer.match(self.paste))
+
+        # Invalid length
+        self.paste.body = "AAAAAAAAAA"
+        self.assertFalse(self.analyzer.match(self.paste))
+
+        # Invalid length
+        self.paste.body = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+        self.assertFalse(self.analyzer.match(self.paste))
+
+if __name__ == '__main__':
+    unittest.main()