eblume/kingfisher
1
0
Fork 0
forked from mirrors/kingfisher
Code Pull requests Activity Actions
kingfisher/crates/kingfisher-rules/data/rules/truenas.yml
Mick Grove e6dd9cd7db v1.90.0
2026-03-18 17:06:55 -07:00

160 lines
6 KiB
YAML
Raw Permalink Blame History

rules:
- name: TrueNAS Instance URL
id: kingfisher.truenas.3
visible: false
confidence: medium
min_entropy: 2.0
pattern: |
(?x)
\b
(
https?://[a-zA-Z0-9._:-]+
)
/api/v2\.0/
(?:system|pool|device|sharing|jail|vm|chart|app|zvol|dataset|replication|snapshot|boot|tunable|smb|nfs|iscsi|certificate|acme|filesystem|reporting|alert|update|core|initshutdownscript)
examples:
- http://192.168.0.30/api/v2.0/system/info
- https://truenas.example.com/api/v2.0/device/get_info
- https://nas.local:443/api/v2.0/pool/dataset
- http://10.0.0.1/api/v2.0/sharing/smb
- https://truenas.local/api/v2.0/jail/query
- http://192.168.1.50:80/api/v2.0/zvol/id
- https://nas:443/api/v2.0/boot/environment
references:
- https://www.truenas.com/docs/api/scale_rest_api.html
- name: TrueNAS API Key (WebSocket)
id: kingfisher.truenas.1
pattern: |
(?x)
"params"\s*:\s*\[\s*"
(\d+-[a-zA-Z0-9]{64})
"\s*\]
pattern_requirements:
min_digits: 2
min_entropy: 3.3
confidence: medium
examples:
- '{"id":"3286a508-a6ca-278a-c078-85b2b515d8d2", "msg":"method", "method":"auth.login_with_api_key", "params":["8-Lp22ov7halMBLUpG97Wg4y7fibQi3CW19VJiZcCu746zgCs0mdDdTCoOcpgEucgu"]}'
- '{"id":"677d9914-f598-f497-e77e-2a3aadbb822e", "msg":"method", "method":"auth.login_with_api_key", "params" : ["9-hTSZDBPyg0PjRZvWb8omoxJ7X2gAjRGmiPKql9ENGIUP9OPtEAzz5f6g9YIMVbZT"]}'
- '{"id":"2755dad4-cc12-94bb-a894-ba0f85c3fdbf", "msg":"method", "method":"auth.login_with_api_key", "params" : [ "10-6LZBVhNq8zze0rzXJptfSWDBoskWuThnQb3fUVw4sVNgJ7GKT3ITVIovhwPf34oL" ]}'
- |
{
"id": "2755dad4-cc12-94bb-a894-ba0f85c3fdbf",
"msg": "method",
"method": "auth.login_with_api_key",
"params": [
"10-6LZBVhNq8zze0rzXJptfSWDBoskWuThnQb3fUVw4sVNgJ7GKT3ITVIovhwPf34oL"
]
}
references:
- https://www.truenas.com/docs/api/core_websocket_api.html
- https://www.truenas.com/docs/api/scale_rest_api.html
- https://www.truenas.com/docs/scale/scaletutorials/toptoolbar/managingapikeys/
- https://www.truenas.com/docs/scale/scaleclireference/auth/cliapikey/
- https://www.truenas.com/docs/scale/api/
- https://www.truenas.com/community/threads/api-examples-in-perl-python.108053/
depends_on_rule:
- rule_id: kingfisher.truenas.3
variable: TRUENAS_URL
validation:
type: Http
content:
request:
method: GET
url: "{{ TRUENAS_URL }}/api/v2.0/system/info"
headers:
Authorization: "Bearer {{ TOKEN }}"
Accept: application/json
response_matcher:
- report_response: true
- type: StatusMatch
status: [200]
- type: JsonValid
- name: TrueNAS API Key (REST API)
id: kingfisher.truenas.2
pattern: |
(?x)
/api/v2\.0
(?:.|[\n\r]){0,256}?
Bearer\s+
(\d+-[a-zA-Z0-9]{64})
\b
pattern_requirements:
min_digits: 2
min_entropy: 3.3
confidence: medium
examples:
- 'curl -X POST "http://192.168.0.30/api/v2.0/device/get_info" -H "Content-Type: application/json" -H "Authorization: Bearer 8-Lp22ov7halMBLUpG97Wg4y7fibQi3CW19VJiZcCu746zgCs0mdDdTCoOcpgEucgu" -d "\"SERIAL\""'
references:
- https://www.truenas.com/docs/api/core_websocket_api.html
- https://www.truenas.com/docs/api/scale_rest_api.html
- https://www.truenas.com/docs/scale/scaletutorials/toptoolbar/managingapikeys/
- https://www.truenas.com/docs/scale/scaleclireference/auth/cliapikey/
- https://www.truenas.com/docs/scale/api/
- https://www.truenas.com/community/threads/api-examples-in-perl-python.108053/
depends_on_rule:
- rule_id: kingfisher.truenas.3
variable: TRUENAS_URL
validation:
type: Http
content:
request:
method: GET
url: "{{ TRUENAS_URL }}/api/v2.0/system/info"
headers:
Authorization: "Bearer {{ TOKEN }}"
Accept: application/json
response_matcher:
- report_response: true
- type: StatusMatch
status: [200]
- type: JsonValid
- name: TrueNAS API Key (keyword proximity)
id: kingfisher.truenas.4
pattern: |
(?xi)
\b(?:truenas|true[_-]nas|tn[_-])
(?:.|[\n\r]){0,64}?
(?:api[_-]?key|api[_-]?token|key|token|secret|password|auth)
(?:.|[\n\r]){0,32}?
(
\d+-[a-zA-Z0-9]{64}
)
\b
pattern_requirements:
min_digits: 2
min_entropy: 3.3
confidence: medium
examples:
- 'TRUENAS_API_KEY=8-Lp22ov7halMBLUpG97Wg4y7fibQi3CW19VJiZcCu746zgCs0mdDdTCoOcpgEucgu'
- 'truenas_token: "10-6LZBVhNq8zze0rzXJptfSWDBoskWuThnQb3fUVw4sVNgJ7GKT3ITVIovhwPf34oL"'
- '"truenas_api_key": "9-hTSZDBPyg0PjRZvWb8omoxJ7X2gAjRGmiPKql9ENGIUP9OPtEAzz5f6g9YIMVbZT"'
- 'tn_api_key = "8-Lp22ov7halMBLUpG97Wg4y7fibQi3CW19VJiZcCu746zgCs0mdDdTCoOcpgEucgu"'
- 'true-nas_secret=9-hTSZDBPyg0PjRZvWb8omoxJ7X2gAjRGmiPKql9ENGIUP9OPtEAzz5f6g9YIMVbZT'
references:
- https://www.truenas.com/docs/api/core_websocket_api.html
- https://www.truenas.com/docs/api/scale_rest_api.html
- https://www.truenas.com/docs/scale/scaletutorials/toptoolbar/managingapikeys/
- https://www.truenas.com/docs/scale/scaleclireference/auth/cliapikey/
- https://www.truenas.com/docs/scale/api/
- https://www.truenas.com/community/threads/api-examples-in-perl-python.108053/
depends_on_rule:
- rule_id: kingfisher.truenas.3
variable: TRUENAS_URL
validation:
type: Http
content:
request:
method: GET
url: "{{ TRUENAS_URL }}/api/v2.0/system/info"
headers:
Authorization: "Bearer {{ TOKEN }}"
Accept: application/json
response_matcher:
- report_response: true
- type: StatusMatch
status: [200]
- type: JsonValid
View git blame Copy permalink