forked from mirrors/kingfisher
0f953f59a5
Why: Hyperscan doesn’t support lookaheads/behinds, so many “must contain X and Y” checks had to be baked into the regex (hurting readability) or were impossible. pattern_requirements applies lightweight, in-memory checks after a match is found, keeping patterns fast and clean.
95 lines
No EOL
3.9 KiB
YAML
95 lines
No EOL
3.9 KiB
YAML
rules:
|
|
- name: Blynk Device Access Token
|
|
id: kingfisher.blynk.1
|
|
pattern: |
|
|
(?xi)
|
|
https://(?:fra1\.|lon1\.|ny3\.|sgp1\.|blr1\.)*blynk\.cloud/external/api/[A-Z0-9/]*\?token=
|
|
([A-Z0-9_\-]{32})
|
|
&
|
|
pattern_requirements:
|
|
min_digits: 2
|
|
min_uppercase: 1
|
|
min_lowercase: 1
|
|
min_entropy: 3.3
|
|
confidence: medium
|
|
examples:
|
|
- curl "https://blynk.cloud/external/api/get?token=Rps15JICmtRVbFyS_95houlLbm6xIQ2L&V1"
|
|
- curl "https://fra1.blynk.cloud/external/api/get?token=Rps15JICmtRVbFyS_95houlLbm6xIQ2L&V1"
|
|
- curl "https://lon1.blynk.cloud/external/api/get?token=Rps15JICmtRVbFyS_95houlLbm6xIQ2L&V1"
|
|
- curl "https://blynk.cloud/external/api/update/property?token=Rps15JICmtRVbFyS_95houlLbm6xIQ2L&pin=v1&isDisabled=true"
|
|
- name: Blynk Organization Access Token
|
|
id: kingfisher.blynk.2
|
|
pattern: |
|
|
(?xi)
|
|
https://(?:fra1\.|lon1\.|ny3\.|sgp1\.|blr1\.)*blynk\.cloud/api/[A-Z0-9_\-\s/\\]*
|
|
-H\s*"Authorization:\s*Bearer\s*
|
|
([A-Z0-9_\-]{40})
|
|
"
|
|
pattern_requirements:
|
|
min_digits: 2
|
|
min_uppercase: 1
|
|
min_lowercase: 1
|
|
min_entropy: 3.3
|
|
confidence: medium
|
|
examples:
|
|
- 'curl https://fra1.blynk.cloud/api/organization/profile -H "Authorization: Bearer eIdWHQqRfFmvP5LDDh-IGxPUzi7I27HthzCPAVmS"'
|
|
- |
|
|
curl https://fra1.blynk.cloud/api/organization/profile \
|
|
-H "Authorization: Bearer eIdWHQqRfFmvP5LDDh-IGxPUzi7I27HthzCPAVmS"
|
|
- name: Blynk Organization Access Token
|
|
id: kingfisher.blynk.3
|
|
pattern: |
|
|
(?xi)
|
|
-H\s*"Authorization:\s*Bearer\s*
|
|
([A-Z0-9_\-]{40})
|
|
"[\s\\]*https://(?:fra1\.|lon1\.|ny3\.|sgp1\.|blr1\.)*blynk\.cloud/api
|
|
pattern_requirements:
|
|
min_digits: 2
|
|
min_uppercase: 1
|
|
min_lowercase: 1
|
|
min_entropy: 3.3
|
|
confidence: medium
|
|
examples:
|
|
- 'curl -H "Authorization: Bearer eIdWHQqRfFmvP5LDDh-IGxPUzi7I27HthzCPAVmS" https://fra1.blynk.cloud/api/organization/profile'
|
|
- |
|
|
curl -H "Authorization: Bearer eIdWHQqRfFmvP5LDDh-IGxPUzi7I27HthzCPAVmS" \
|
|
https://fra1.blynk.cloud/api/organization/profile
|
|
- name: Blynk Organization Client Credentials
|
|
id: kingfisher.blynk.8
|
|
pattern: |
|
|
(?xi)
|
|
https://(?:fra1\.|lon1\.|ny3\.|sgp1\.|blr1\.)*blynk\.cloud/oauth2/[A-Z0-9_\-\s/\\?=&]*
|
|
(oa2-client-id_[A-Z0-9_\-]{32})
|
|
(?: : | &client_secret= )
|
|
([A-Z0-9_\-]{40})
|
|
pattern_requirements:
|
|
min_digits: 2
|
|
min_uppercase: 1
|
|
min_lowercase: 1
|
|
min_entropy: 3.3
|
|
confidence: medium
|
|
examples:
|
|
- 'curl -X POST https://fra1.blynk.cloud/oauth2/token?grant_type=client_credentials -u oa2-client-id_zmNtW-D0Toqpz4AZnBLCIlklBrz9ynU-:5uC5Y4Mcvdl5rB56rBmxnvB4DZgiIpcyTPbOoEWp'
|
|
- |
|
|
curl -X POST https://fra1.blynk.cloud/oauth2/token?grant_type=client_credentials \
|
|
-u oa2-client-id_zmNtW-D0Toqpz4AZnBLCIlklBrz9ynU-:5uC5Y4Mcvdl5rB56rBmxnvB4DZgiIpcyTPbOoEWp
|
|
- 'curl -X POST https://fra1.blynk.cloud/oauth2/token?grant_type=client_credentials&client_id=oa2-client-id_zmNtW-D0Toqpz4AZnBLCIlklBrz9ynU-&client_secret=5uC5Y4Mcvdl5rB56rBmxnvB4DZgiIpcyTPbOoEWp'
|
|
- name: Blynk Organization Client Credentials
|
|
id: kingfisher.blynk.9
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
(oa2-client-id_[A-Z0-9_\-]{32})
|
|
:([A-Z0-9_\-]{40})
|
|
[\s\\]*https://(fra1\.|lon1\.|ny3\.|sgp1\.|blr1\.)*blynk\.cloud/oauth2
|
|
pattern_requirements:
|
|
min_digits: 2
|
|
min_uppercase: 1
|
|
min_lowercase: 1
|
|
min_entropy: 3.3
|
|
confidence: medium
|
|
examples:
|
|
- 'curl -X POST -u oa2-client-id_zmNtW-D0Toqpz4AZnBLCIlklBrz9ynU-:5uC5Y4Mcvdl5rB56rBmxnvB4DZgiIpcyTPbOoEWp https://fra1.blynk.cloud/oauth2/token?grant_type=client_credentials'
|
|
- |
|
|
curl -X POST -u oa2-client-id_zmNtW-D0Toqpz4AZnBLCIlklBrz9ynU-:5uC5Y4Mcvdl5rB56rBmxnvB4DZgiIpcyTPbOoEWp \
|
|
https://fra1.blynk.cloud/oauth2/token?grant_type=client_credentials |