forked from mirrors/kingfisher
62 lines
1.7 KiB
YAML
62 lines
1.7 KiB
YAML
rules:
|
|
- name: Freshdesk Domain
|
|
id: kingfisher.freshdesk.1
|
|
visible: false
|
|
confidence: low
|
|
min_entropy: 0.0
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
(
|
|
[0-9a-z-]{1,63}\.freshdesk\.com
|
|
)
|
|
\b
|
|
examples:
|
|
- acme-support.freshdesk.com
|
|
- mycompany-helpdesk.freshdesk.com
|
|
|
|
- name: Freshdesk API Key
|
|
id: kingfisher.freshdesk.2
|
|
pattern: |
|
|
(?xi)
|
|
\b
|
|
freshdesk
|
|
(?:.|[\n\r]){0,64}?
|
|
(?:api[_-]?key|secret|private|access|key|token)
|
|
(?:.|[\n\r]){0,32}?
|
|
\b
|
|
(
|
|
[0-9A-Z]{20}
|
|
)
|
|
\b
|
|
pattern_requirements:
|
|
min_digits: 2
|
|
min_entropy: 3.3
|
|
confidence: medium
|
|
examples:
|
|
- 'FRESHDESK_API_KEY=abcdefghij1234567890'
|
|
- 'freshdesk token: ABCDEFGHIJ1234567890'
|
|
references:
|
|
- https://developers.freshdesk.com/api/#authentication
|
|
- https://developers.freshworks.com/docs/app-sdk/v3.0/support_agent/rest-apis/
|
|
depends_on_rule:
|
|
- rule_id: kingfisher.freshdesk.1
|
|
variable: FRESHDESK_DOMAIN
|
|
validation:
|
|
type: Http
|
|
content:
|
|
request:
|
|
method: GET
|
|
url: "https://{{ FRESHDESK_DOMAIN }}/api/v2/agents/me"
|
|
headers:
|
|
Accept: application/json
|
|
# Freshdesk API key auth is HTTP Basic where username=apikey and password can be any dummy value (commonly "X").
|
|
# Docs note you can use a dummy password and (when using Authorization header) base64("apikey:X")
|
|
Authorization: "Basic {{ TOKEN | append: ':X' | b64enc }}"
|
|
response_matcher:
|
|
- report_response: true
|
|
- type: StatusMatch
|
|
status: [200]
|
|
- type: JsonValid
|
|
- type: WordMatch
|
|
words: ['"id"']
|