eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions

Added X Consumer key detection and validation

Browse source
This commit is contained in:
Mick Grove 2025-08-09 08:45:27 -07:00
commit f1c3bcb56a
1 changed files with 58 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

59
data/rules/twitter.yml
View file

@ -1,6 +1,6 @@
rules:
- name: X / Twitter Bearer Token (App-only)
id: kingfisher.twitter.bearer.1
id: kingfisher.twitter.1
pattern: |
(?xi)
\b
@ -36,3 +36,60 @@ rules:
match_all_words: true
references:
- https://developer.x.com/en/docs/x-api/v1/developer-utilities/rate-limit-status/api-reference/get-application-rate_limit_status
- name: Twitter Consumer Key
id: kingfisher.twitter.2
pattern: |
(?xi)
\b
twitter
(?:.|[\n\r]){0,32}?
(?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
(?:.|[\n\r]){0,32}?
\b
(
[A-Z0-9]{25}
)
\b
min_entropy: 3.5
examples:
- "TWITTER_KEY=4RTBCyG2TbvL407A1lWxQFKCC"
- name: X / Twitter Consumer Secret
id: kingfisher.twitter.3
pattern: |
(?xi)
\b
twitter
(?:.|[\n\r]){0,32}?
(?:SECRET|PRIVATE|ACCESS|KEY|TOKEN)
(?:.|[\n\r]){0,32}?
\b
(
[A-Z0-9]{50}
)
\b
min_entropy: 4.5
examples:
- "TWITTER_SECRET=ZGwXeK2DNCqv49Z9ofwYdqlBgeoHDyh8uoAgHju6OeYC7wTQJq"
references:
- https://developer.x.com/en/docs/authentication/oauth-2-0/application-only
validation:
type: Http
content:
request:
method: POST
url: https://api.twitter.com/oauth2/token
headers:
Authorization: "Basic {{ TWITTER_KEY | append: ':' | append: TOKEN | b64enc }}"
Content-Type: "application/x-www-form-urlencoded;charset=UTF-8"
body: "grant_type=client_credentials"
response_matcher:
- type: StatusMatch
status: [200]
- type: WordMatch
words:
- '"token_type":"bearer"'
- '"access_token":'
match_all_words: true
depends_on_rule:
- rule_id: "kingfisher.twitter.2"
variable: TWITTER_KEY