-
Notifications
You must be signed in to change notification settings - Fork 98
/
Copy pathcredcheck.js
62 lines (55 loc) · 3.44 KB
/
credcheck.js
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
const args = require('yargs').argv;
const os = require('os');
const fs = require('fs');
const path = require('path');
function credcheck(dir) {
console.log('Path: ' + dir);
const redactDict = new Map();
// storage account keys
redactDict.set(/\\"keyName\\":\\"key1\\",\\"value\\":\\"(.*?)\\"/g, '\\"keyName\\":\\"key1\\",\\"value\\":\\"MGMT_PLACEHOLDER\\"');
redactDict.set(/\\"keyName\\":\\"key2\\",\\"value\\":\\"(.*?)\\"/g, '\\"keyName\\":\\"key2\\",\\"value\\":\\"MGMT_PLACEHOLDER\\"');
redactDict.set(/;AccountKey=(.*?)(;|\\")/g, ';AccountKey=MGMT_PLACEHOLDER$2');
redactDict.set(/\\"primaryMasterKey\\":\\"(.*?)\\"/g, '\\"primaryMasterKey\\":\\"MGMT_PLACEHOLDER\\"');
redactDict.set(/\\"primaryReadonlyMasterKey\\":\\"(.*?)\\"/g, '\\"primaryReadonlyMasterKey\\":\\"MGMT_PLACEHOLDER\\"');
redactDict.set(/\\"secondaryMasterKey\\":\\"(.*?)\\"/g, '\\"secondaryMasterKey\\":\\"MGMT_PLACEHOLDER\\"');
redactDict.set(/\\"secondaryReadonlyMasterKey\\":\\"(.*?)\\"/g, '\\"secondaryReadonlyMasterKey\\":\\"MGMT_PLACEHOLDER\\"');
redactDict.set(/;SharedAccessKey=(.*?)(;|\\")/g, ';SharedAccessKey=MGMT_PLACEHOLDER$2');
redactDict.set(/\\"primaryKey\\":\\"(.*?)\\"/g, '\\"primaryKey\\":\\"MGMT_PLACEHOLDER\\"');
redactDict.set(/\\"secondaryKey\\":\\"(.*?)\\"/g, '\\"secondaryKey\\":\\"MGMT_PLACEHOLDER\\"');
redactDict.set(/\\"accessSAS\\": \\"(.*?)\\"/g, '\\"accessSAS\\": \\"MGMT_PLACEHOLDER\\"');
redactDict.set(/\\"administratorLoginPassword\\":\\"(.*?)\\"/g, '\\"administratorLoginPassword\\":\\"MGMT_PLACEHOLDER\\"');
redactDict.set(/\\"permissions\\":\\"Full\\",\\"value\\":\\"(.*?)\\"/g, '\\"keyName\\":\\"key1\\",\\"value\\":\\"MGMT_PLACEHOLDER\\"');
redactDict.set(/\\"adminPassword\\":{\\"type\\":\\"String\\",\\"value\\":\\"(.*?)\\"}/g, '\\"adminPassword\\":{\\"type\\":\\"String\\",\\"value\\":\\"MGMT_PLACEHOLDER\\"}');
redactDict.set(/\\"DOCKER_REGISTRY_SERVER_PASSWORD\\":\\"(.*?)\\"/g, '\\"DOCKER_REGISTRY_SERVER_PASSWORD\\":\\"MGMT_PLACEHOLDER\\"');
redactDict.set(/\\"connectionString\\":\\"(.*?)\\"/g, '\\"connectionString\\":\\"MGMT_PLACEHOLDER\\"');
redactDict.set(/&sig=(.*?)(&|\\")/g, '&sig=MGMT_PLACEHOLDER&');
redactDict.set(/\\"primary\\":\\"(.*?)\\"/g, '\\"primary\\":\\"MGMT_PLACEHOLDER\\"');
redactDict.set(/\\"secondary\\":\\"(.*?)\\"/g, '\\"secondary\\":\\"MGMT_PLACEHOLDER\\"');
redactDict.set(/userPWD=\\"(.*?)\\"/g, 'userPWD=\\"MGMT_PLACEHOLDER\\"');
credcheckRecursive(dir, redactDict);
}
function credcheckRecursive(dir, redactDict) {
if (fs.existsSync(dir)) {
fs.readdirSync(dir).forEach(function(file, index) {
const curPath = path.join(dir, file);
if (fs.lstatSync(curPath).isDirectory()) {
// recurse
credcheckRecursive(curPath, redactDict);
} else {
if (curPath.endsWith('.json')) {
const content = fs.readFileSync(curPath).toString('utf8');
var redactedContent = content;
for (const [key, value] of redactDict.entries()) {
redactedContent = redactedContent.replace(key, value);
}
if (redactedContent !== content) {
console.log('File redacted: ' + curPath);
fs.writeFileSync(curPath, redactedContent);
}
}
}
});
}
}
const dir = args['path']
credcheck(dir);