Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Feat] Detector implementation for Azure API Management Direct Management Key #3938

Open
wants to merge 11 commits into
base: main
Choose a base branch
from
Open

[Feat] Detector implementation for Azure API Management Direct Management Key #3938

Changes from 1 commit
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
d46cec4
azuredirectmanagementapikey detector implementation and tests
abmussani Feb 24, 2025
3efd81c
add reference url
abmussani Feb 25, 2025
4378691
use sanehttpclient
abmussani Feb 25, 2025
f68b002
better regex
abmussani Feb 25, 2025
c70ca94
add prefix regex for key pattern
abmussani Feb 26, 2025
159a593
some refactoring
abmussani Feb 26, 2025
13b3967
cleanup some unnecessary logic for expiry formatting.
abmussani Feb 26, 2025
a76aa3d
improvise the regex to increase confidence level.
abmussani Feb 28, 2025
70511c8
remove \b from regex
abmussani Mar 3, 2025
82b61f7
implemented CustomFalsePositiveChecker interface.
abmussani Mar 6, 2025
c8b79b8
Merge branch 'main' into azuredirectmanagementapikey-detector-impl
abmussani Mar 6, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
add prefix regex for key pattern
  • Loading branch information
@abmussani
abmussani committed Feb 28, 2025
commit c70ca947a4edb21afc7a69878453bfd7574f14c6
6 changes: 3 additions & 3 deletions pkg/detectors/azuredirectmanagementkey/azuredirectmanagementkey.go
View file
Original file line number Diff line number Diff line change
@@ -28,8 +28,8 @@ var _ detectors.CustomFalsePositiveChecker = (*Scanner)(nil)

var (
defaultClient = common.SaneHttpClient()
urlPat = regexp.MustCompile(`https://([a-z0-9][a-z0-9-]{0,48}[a-z0-9])\.management\.azure-api\.net`) // https://azure.github.io/PSRule.Rules.Azure/en/rules/Azure.APIM.Name/
keyPat = regexp.MustCompile(`([a-zA-Z0-9+\/-]{86,88}={0,2})`) // Base64-encoded key
urlPat = regexp.MustCompile(`https://([a-z0-9][a-z0-9-]{0,48}[a-z0-9])\.management\.azure-api\.net`) // https://azure.github.io/PSRule.Rules.Azure/en/rules/Azure.APIM.Name/
keyPat = regexp.MustCompile(detectors.PrefixRegex([]string{"azure"}) + `\b([a-zA-Z0-9+\/-]{86,88}\b={0,2})`) // Base64-encoded key
)

// Keywords are used for efficiently pre-filtering chunks.
@@ -48,7 +48,7 @@ func (s Scanner) FromData(ctx context.Context, verify bool, data []byte) (result
for _, urlMatch := range urlMatches {
serviceName := urlMatch[1]
for _, keyMatch := range keyMatches {
resMatch := strings.TrimSpace(keyMatch[0])
resMatch := strings.TrimSpace(keyMatch[1])
url := fmt.Sprintf(
"%s/subscriptions/default/resourceGroups/default/providers/Microsoft.ApiManagement/service/%s/apis?api-version=2024-05-01",
urlMatch[0], serviceName,
10 changes: 4 additions & 6 deletions pkg/detectors/azuredirectmanagementkey/azuredirectmanagementkey_test.go
View file
Original file line number Diff line number Diff line change
@@ -12,14 +12,12 @@ import (

var (
validPattern = `
API_KEY=UJh1Wn7txjls2GPK1YxO9+3tpqQffSfxb+97PmT8j3cSQoXvGa74lCKpBqPeppTHCharbaMeKqKs/H4gA/go1w==
MANAGEMENT_API_URL=https://trufflesecuritytest.management.azure-api.net
SUBSCRIPTION_ID=4b9c0a0b-c862-472a-bca9-3027f18008bc
AZURE_MANGEMENT_API_KEY=UJh1Wn7txjls2GPK1YxO9+3tpqQffSfxb+97PmT8j3cSQoXvGa74lCKpBqPeppTHCharbaMeKqKs/H4gA/go1w==
AZURE_MANAGEMENT_API_URL=https://trufflesecuritytest.management.azure-api.net
`
invalidPattern = `
API_KEY=UJh1Wn7txjls2GPK1YxO9+3tpqQffSfxb+97PmT8j3cSQoXvGa74lCKp
MANAGEMENT_API_URL=https://trufflesecuritytest.management.azure-api.net
SUBSCRIPTION_ID=4b9c0a0b-c862-472a-bca9-3027f18008bc
AZURE_MANGEMENT_API_KEY=UJh1Wn7txjls2GPK1YxO9+3tpqQffSfxb+97PmT8j3cSQoXvGa74lCKp
AZURE_MANAGEMENT_API_URL=https://trufflesecuritytest.management.azure-api.net
`
)