forked from mirrors/kingfisher
38 lines
1 KiB
YAML
38 lines
1 KiB
YAML
rules:
|
|
- name: Clockwork SMS API Key
|
|
id: kingfisher.clockwork.1
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
(?:clockwork|clockworksms)
|
|
(?:.|[\n\r]){0,32}?
|
|
(?:SECRET|PRIVATE|ACCESS|KEY|TOKEN|API)
|
|
(?:.|[\n\r]){0,32}?
|
|
\b
|
|
(
|
|
[a-f0-9]{40}
|
|
)
|
|
\b
|
|
pattern_requirements:
|
|
min_digits: 4
|
|
min_entropy: 3.5
|
|
confidence: medium
|
|
examples:
|
|
- clockwork_api_key=5a1c7e9d3b6f0a4c8d2e1f7a9b3c5d6e8f0a1b2c
|
|
- 'clockworksms access token: 9f0e1d2c3b4a59687766554433221100abcde123'
|
|
references:
|
|
- https://www.clockworksms.com/doc/
|
|
- https://www.clockworksms.com/doc/reference/faqs/security/
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: GET
|
|
url: "https://api.clockworksms.com/http/1.1/balance?key={{ TOKEN }}"
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status: [200]
|
|
- type: WordMatch
|
|
words:
|
|
- '"balance"'
|