eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
kingfisher/crates/kingfisher-rules/data/rules/azurebatch.yml
Mick Grove 45a565fa6e added more rules
2026-04-06 22:18:58 -07:00

71 lines
2.5 KiB
YAML
Raw Permalink Blame History

rules:
- name: Azure Batch Account Key
id: kingfisher.azurebatch.1
pattern: |
(?x)
\b
(?:
(?i:azure[_\s-]*batch[_\s-]*(?:key|account[_\s-]*key|access[_\s-]*key))
|
(?i:batch[_\s-]*account[_\s-]*key)
)
(?:.|[\n\r]){0,16}?
(
[A-Za-z0-9+/]{86}==
)
pattern_requirements:
min_digits: 2
min_uppercase: 2
min_lowercase: 2
min_special_chars: 1
min_entropy: 4.0
confidence: medium
categories: [api, key]
examples:
- 'AZURE_BATCH_KEY=oqb4TdY9T0hphvktd5fJnMiHuQqzVy1jd5sSuOpAbGkaoqTlrHl0BOJN2okcasinVLOJzfDbZo1L+ASt68RAhA=='
validation:
type: Http
content:
request:
method: GET
url: '{{ BATCH_URL }}/applications?api-version=2020-09-01.12.0'
headers:
Accept: application/json
Content-Type: application/json
Date: '{{ REQUEST_RFC1123_DATE }}'
Authorization: |
{%- assign host = BATCH_URL | split: "://" | last | split: "/" | first -%}
{%- assign account_name = host | split: "." | first -%}
{%- assign resource_path = "/" | append: account_name | append: "/applications" | downcase -%}
{%- assign string_to_sign = "GET\n\n\n\n\napplication/json\n" | append: REQUEST_RFC1123_DATE | append: "\n\n\n\n\n\n" | append: resource_path | append: "\napi-version:2020-09-01.12.0" -%}
{%- assign signature = string_to_sign | hmac_sha256_b64key: TOKEN -%}
SharedKey {{ account_name }}:{{ signature }}
response_matcher:
- report_response: true
- type: StatusMatch
status: [200]
- type: JsonValid
depends_on_rule:
- rule_id: kingfisher.azurebatch.2
variable: BATCH_URL
references:
- https://learn.microsoft.com/en-us/azure/batch/batch-account-create-portal
- https://learn.microsoft.com/en-us/rest/api/batchservice/authenticate-requests-to-the-azure-batch-service
- name: Azure Batch Account Endpoint
id: kingfisher.azurebatch.2
pattern: |
(?xi)
\b
(
https://[a-z0-9-]+\.[a-z0-9-]+\.batch\.azure\.com
)
\b
min_entropy: 1.0
confidence: medium
visible: false
examples:
- BATCH_URL=https://mybatch.westus.batch.azure.com
- batchAccountUrl="https://contoso-prod.eastus.batch.azure.com"
references:
- https://learn.microsoft.com/en-us/rest/api/batchservice/authenticate-requests-to-the-azure-batch-service
View git blame Copy permalink