diff --git a/pywhat/Data/regex.json b/pywhat/Data/regex.json index e01426d..0d06164 100644 --- a/pywhat/Data/regex.json +++ b/pywhat/Data/regex.json @@ -1015,7 +1015,7 @@ }, { "Name": "SSHPass Clear Password Argument", - "Regex": "^(sshpass [^\\n]*-p[ ]+[^ ]+)$", + "Regex": "^(sshpass [^\\n]*-p\\s+[^ ]+)$", "plural_name": false, "Description": null, "Rarity": 1, @@ -1026,6 +1026,30 @@ "Bug Bounty" ] }, + { + "Name": "Mount Command With Clear Credentials", + "Regex": "^(mount(.cifs)?\\s+[^\\n]*(username=[^, \\n]+[^\\n ]*password=[^, \\n]+|password=[^, \\n]+[^\\n ]*username=[^, \\n]+))$", + "plural_name": false, + "Description": null, + "Rarity": 1, + "URL": null, + "Tags": [ + "Credentials", + "Bug Bounty" + ] + }, + { + "Name": "CIFS Fstab Entry With Clear Credentials", + "Regex": "^(cifs\\s+[^\\n]*(username=[^, \\n]+[^\\n ]*password=[^, \\n]+|password=[^, \\n]+[^\\n ]*username=[^, \\n]+))$", + "plural_name": false, + "Description": null, + "Rarity": 1, + "URL": null, + "Tags": [ + "Credentials", + "Bug Bounty" + ] + }, { "Name": "Google Cloud Platform API Key", "Regex": "(?i)^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[0-9a-fA-F]{12})$", @@ -1783,7 +1807,7 @@ "ObjectID" ] }, - + { "Name": "Recent Unix Timestamp", "Regex": "^([0-9]{10})$", diff --git a/tests/test_regex_formatting.py b/tests/test_regex_formatting.py index f657611..65b5cc2 100644 --- a/tests/test_regex_formatting.py +++ b/tests/test_regex_formatting.py @@ -19,7 +19,7 @@ def test_name_capitalization(): assert word.title() == word, ( f'Wrong capitalization in regex name: "{entry_name}"\n' f'Expected: "{entry_name.title()}"\n' - "Please capitalize every the first letter of each word." + "Please capitalize the first letter of each word." ) diff --git a/tests/test_regex_identifier.py b/tests/test_regex_identifier.py index ea51253..52a1de6 100644 --- a/tests/test_regex_identifier.py +++ b/tests/test_regex_identifier.py @@ -1035,3 +1035,29 @@ def test_sshpass(): def test_sshpass_multiple_args(): res = r.check(["sshpass -P 'Please enter your password' -p MyPassw0RD!"]) _assert_match_first_item("SSHPass Clear Password Argument", res) + + +def test_mount_command(): + res = r.check(["mount -o username=myuser,password=password"]) + _assert_match_first_item("Mount Command With Clear Credentials", res) + + +def test_mountcifs_command(): + res = r.check(["mount.cifs -o username=myuser,password=password"]) + _assert_match_first_item("Mount Command With Clear Credentials", res) + + +def test_complex_mount_command(): + res = r.check( + [ + "mount -t cifs -osec=ntlmv2,password=S3cUr3D!,domain=mydomain,noserverino,username=H4x0r" + ] + ) + _assert_match_first_item("Mount Command With Clear Credentials", res) + + +def test_cifs_fstab_entry(): + res = r.check( + ["cifs uid=1000,password=password,gid=1000,noperm,nofail,username=myuser"] + ) + _assert_match_first_item("CIFS Fstab Entry With Clear Credentials", res)