Adds jsecrets cmd, basic secrets test
@@ -2,7 +2,7 @@ package jsluice
|
||||
|
||||
import "testing"
|
||||
|
||||
func TestAnalyzerBasic(t *testing.T) {
|
||||
func TestAnalyzerBasicURLs(t *testing.T) {
|
||||
a := NewAnalyzer([]byte(`
|
||||
function foo(){
|
||||
document.location = "/logout"
|
||||
@@ -19,3 +19,24 @@ func TestAnalyzerBasic(t *testing.T) {
|
||||
t.Errorf("Expected first URL to be '/logout'; got %s", urls[0].URL)
|
||||
}
|
||||
}
|
||||
|
||||
func TestAnalyzerBasicSecrets(t *testing.T) {
|
||||
a := NewAnalyzer([]byte(`
|
||||
function foo(){
|
||||
return {
|
||||
awsKey: "AKIAIOSFODNN7EXAMPLE",
|
||||
secret: "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
|
||||
}
|
||||
}
|
||||
`))
|
||||
|
||||
secrets := a.GetSecrets()
|
||||
|
||||
if len(secrets) != 1 {
|
||||
t.Errorf("Expected exactly 1 secret; got %d", len(secrets))
|
||||
}
|
||||
|
||||
if secrets[0].Kind != "AWSAccessKey" {
|
||||
t.Errorf("Expected first secret kind to be AWSAccessKey; got %s", secrets[0].Kind)
|
||||
}
|
||||
}
|
||||
|
||||
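Review bot: In `TestAnalyzerBasicSecrets` the length check uses `t.Errorf`, so when `GetSecrets()` returns no matches the test carries on to `secrets[0].Kind` and panics with an index-out-of-range instead of reporting the failed expectation; make it `t.Fatalf("Expected exactly 1 secret; got %d", len(secrets))`. The test also asserts only `Kind` and never checks the matched key id or the paired `secret` value, so a regression in value extraction would still pass. The fixture uses AWS's published documentation example credentials, which is the right choice for a repository that secret scanners will crawl; a one-line comment saying so, such as `// AWS documentation example credentials, not live keys`, would keep anyone from replacing them with a real key.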
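--- a/cmd/jsecrets/main.go
+++ b/cmd/jsecrets/main.go
@@ -0,0 +1,43 @@
+package main
+
+import (
+"encoding/json"
+"flag"
+"fmt"
+"io/ioutil"
+"log"
+
+"github.com/bishopfoxmss/jsluice"
+"github.com/pkg/profile"
+)
+
+func main() {
+var profileMode bool
+flag.BoolVar(&profileMode, "profile", false, "Profile cpu usage and save a cpu.pprof file in the current dir")
+flag.Parse()
+
+if profileMode {
+defer profile.Start(profile.ProfilePath(".")).Stop()
+}
+
+filename := flag.Arg(0)
+
+source, err := ioutil.ReadFile(filename)
+if err != nil {
+log.Fatal(err)
+}
+
+analyzer := jsluice.NewAnalyzer(source)
+
+matches := analyzer.GetSecrets()
+for _, match := range matches {
+
+match.Filename = filename
+
+j, err := json.Marshal(match)
+if err != nil {
+continue
+}
+fmt.Printf("%s\n", j)
+}
+}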
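Review bot: The `if err != nil { continue }` after `json.Marshal(match)` drops a detected secret without any trace, which for a secrets scanner is a silent false negative; log it before continuing, e.g. `log.Printf("marshal match in %s: %v", filename, err)`. `filename := flag.Arg(0)` is empty when no argument is given, so the user gets a bare open error rather than a usage message; check `flag.NArg()` first. `log.Fatal` exits without running the deferred `profile.Start(...).Stop()`, so a read error with `-profile` set leaves the profile unflushed. Each output line presumably carries the matched values in full, so the stdout of this command should be treated as sensitive wherever it is redirected or logged.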
@@ -102,7 +102,7 @@ func AllSecretMatchers() []SecretMatcher {
|
||||
if strings.Contains(k, "secret") {
|
||||
// TODO: check format of value
|
||||
// TODO: think of a way to handle multiple secrets in the same object?
|
||||
data["secret"] = o.getStringI(k, "")
|
||||
data["secret"] = DecodeString(o.getStringI(k, ""))
|
||||
break
|
||||
}
|
||||
}
|
||||
|
||||
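Review bot: The `DecodeString(o.getStringI(k, ""))` line (apparently the new side; the page prints both versions without markers) has no test that exercises it, because the fixture in `TestAnalyzerBasicSecrets` contains no escape sequences and the test asserts only `Kind`. Add a case whose secret value is written with a JavaScript escape (for example `\x2f` in place of `/`) and assert the decoded value on the returned match. `DecodeString` is not visible here; if it can return an empty or partial string on a malformed escape, fall back to the raw value so the finding is not lost. The enclosing loop and `AllSecretMatchers` start and end outside this hunk.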