Module: PWN::Plugins::TwitterAPI

Defined in:

lib/pwn/plugins/twitter_api.rb

Overview

This plugin converts images to readable text TODO: Convert all rest requests to POST instead of GET

Constant Summary

@@logger =

PWN::Plugins::PWNLogger.create

Class Method Summary

• .app_only_login(opts = {}) ⇒ Object

  Supported Method Parameters

  bearer_token = PWN::Plugins::TwitterAPI.app_only_login( consumer_key: ‘required - consumer key for app-only authentication’, consumer_secret: ‘optional - consumer secret (will prompt if nil)’ ).

• .app_only_logout(opts = {}) ⇒ Object

  Supported Method Parameters

  PWN::Plugins::TwitterAPI.logout( bearer_token: ‘required bearer_token returned from #app_only_login method’ ).

• .authors ⇒ Object

  Author(s)

  0day Inc.

• .help ⇒ Object

  Display Usage for this Module.

Class Method Details

.app_only_login(opts = {}) ⇒ Object

Supported Method Parameters

bearer_token = PWN::Plugins::TwitterAPI.app_only_login(

consumer_key: 'required - consumer key for app-only authentication',
consumer_secret: 'optional - consumer secret (will prompt if nil)'

)

# File 'lib/pwn/plugins/twitter_api.rb', line 19

public_class_method def self.app_only_login(opts = {})
  base_api_uri = 'https://api.twitter.com'

  consumer_key = opts[:consumer_key].to_s.strip.chomp.scrub
  consumer_secret = if opts[:consumer_secret].nil?
                      PWN::Plugins::AuthenticationHelper.mask_password(prompt: 'Consumer Secret')
                    else
                      opts[:consumer_secret].to_s.chomp.strip.scrub
                    end

  authz_str = Base64.strict_encode64("#{consumer_key}:#{consumer_secret}")
  http_headers = {}
  http_headers[:content_type] = 'application/x-www-form-urlencoded;charset=UTF-8'
  http_headers[:authorization] = "Basic #{authz_str}"

  @@logger.info("Logging into TwitterAPI REST API: #{base_api_uri}")
  browser_obj = PWN::Plugins::TransparentBrowser.open(browser_type: :rest)
  rest_client = browser_obj[:browser]::Request

  response = rest_client.execute(
    method: :post,
    url: "#{base_api_uri}/oauth2/token",
    headers: http_headers,
    payload: 'grant_type=client_credentials'
  )

  # Return array containing the post-authenticated TwitterAPI REST API token
  json_response = JSON.parse(response, symbolize_names: true)
  json_response[:access_token]
rescue StandardError => e
  raise e
end

.app_only_logout(opts = {}) ⇒ Object

Supported Method Parameters

PWN::Plugins::TwitterAPI.logout(

bearer_token: 'required bearer_token returned from #app_only_login method'

)

# File 'lib/pwn/plugins/twitter_api.rb', line 116

public_class_method def self.app_only_logout(opts = {})
  bearer_token = opts[:bearer_token]
  @@logger.info('Logging out...')
  # TODO: Terminate Session if Possible via API Call
  bearer_token = nil
rescue StandardError => e
  raise e
end

.authors ⇒ Object

Author(s)

0day Inc. <request.pentest@0dayinc.com>

# File 'lib/pwn/plugins/twitter_api.rb', line 127

public_class_method def self.authors
  "AUTHOR(S):
    0day Inc. <request.pentest@0dayinc.com>
  "
end

.help ⇒ Object

Display Usage for this Module

# File 'lib/pwn/plugins/twitter_api.rb', line 135

public_class_method def self.help
  puts "USAGE:
    bearer_token = #{self}.app_only_login(
      consumer_key: 'required - consumer key for app-only authentication',
      consumer_secret: 'optional - consumer secret (will prompt if nil)'
    )

    #{self}.app_only_logout(
      bearer_token: 'required bearer_token returned from #app_only_login method'
    )

    #{self}.authors
  "
end