This note is less about accessing Twitter API but more about Cyber Security where you run a curl command and based on the output from that command you try to figure out the firewall settings of the system.
System 1 Configuration With Strict Firewall Where Our Curl Command For Accessing Twitter API is Not Working:
(base) C:\Users\ash\Desktop>systeminfo
OS Name: Microsoft Windows 10 Enterprise
OS Version: 10.0.19042 N/A Build 19042
Processor(s): 1 Processor(s) Installed.
[01]: AMD64 Family 23 Model 24 Stepping 1 AuthenticAMD ~2100 Mhz
BIOS Version: HP R79 Ver. 01.10.03, 3/24/2020
Network Card(s): 4 NIC(s) Installed.
[01]: Realtek RTL8822BE 802.11ac PCIe Adapter
Connection Name: Wi-Fi
DHCP Enabled: Yes
DHCP Server: 192.168.1.1
IP address(es)
[01]: 192.168.1.100
[02]: fe80::b1b2:6d59:f669:1b96
[03]: 2401:4900:47f1:b174:70f4:de28:6287:b1c9
[04]: 2401:4900:47f1:b174:b1b2:6d59:f669:1b96
[02]: Realtek PCIe GbE Family Controller
Connection Name: Ethernet
Status: Media disconnected
[03]: Bluetooth Device (Personal Area Network)
Connection Name: Bluetooth Network Connection
Status: Media disconnected
[04]: Check Point Virtual Network Adapter For Endpoint VPN Client
Connection Name: Ethernet 2
DHCP Enabled: Yes
DHCP Server: 10.79.251.145
IP address(es)
[01]: 10.79.251.146
[02]: fe80::3df2:2a4:b2e1:cb0
Hyper-V Requirements: VM Monitor Mode Extensions: Yes
Virtualization Enabled In Firmware: Yes
Second Level Address Translation: Yes
Data Execution Prevention Available: Yes
System 2 Without Strict Firewall Where Curl Command is Working:
C:\Users\Ashish Jain>systeminfo
Host Name: LAPTOP-79RV456R
OS Name: Microsoft Windows 10 Home Single Language
OS Version: 10.0.19043 N/A Build 19043
OS Manufacturer: Microsoft Corporation
OS Configuration: Standalone Workstation
OS Build Type: Multiprocessor Free
Registered Owner: Ashish Jain
Registered Organization:
Product ID: 00327-35105-52167-AAOEM
Original Install Date: 3/14/2021, 6:33:25 AM
System Boot Time: 7/14/2022, 5:34:13 PM
System Manufacturer: LENOVO
System Model: 81H7
System Type: x64-based PC
Processor(s): 1 Processor(s) Installed.
[01]: Intel64 Family 6 Model 78 Stepping 3 GenuineIntel ~2000 Mhz
BIOS Version: LENOVO 8QCN26WW(V1.14), 12/29/2020
Windows Directory: C:\WINDOWS
System Directory: C:\WINDOWS\system32
Boot Device: \Device\HarddiskVolume1
System Locale: en-us;English (United States)
Input Locale: 00004009
Time Zone: (UTC+05:30) Chennai, Kolkata, Mumbai, New Delhi
Total Physical Memory: 12,154 MB
Available Physical Memory: 7,634 MB
Virtual Memory: Max Size: 14,010 MB
Virtual Memory: Available: 8,057 MB
Virtual Memory: In Use: 5,953 MB
Page File Location(s): C:\pagefile.sys
Domain: WORKGROUP
Logon Server: \\LAPTOP-79RV456R
Hotfix(s): 15 Hotfix(s) Installed.
[01]: KB5013887
[02]: KB4562830
[03]: KB4577586
[04]: KB4580325
[05]: KB4589212
[06]: KB5000736
[07]: KB5015807
[08]: KB5006753
[09]: KB5007273
[10]: KB5011352
[11]: KB5011651
[12]: KB5014032
[13]: KB5014035
[14]: KB5014671
[15]: KB5005699
Network Card(s): 4 NIC(s) Installed.
[01]: VirtualBox Host-Only Ethernet Adapter
Connection Name: VirtualBox Host-Only Network
DHCP Enabled: No
IP address(es)
[01]: 192.168.56.1
[02]: fe80::f839:dc84:9a7b:3087
[02]: Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC
Connection Name: Wi-Fi
Status: Media disconnected
[03]: Realtek PCIe FE Family Controller
Connection Name: Ethernet
Status: Media disconnected
[04]: Bluetooth Device (Personal Area Network)
Connection Name: Bluetooth Network Connection
Status: Media disconnected
Hyper-V Requirements: VM Monitor Mode Extensions: Yes
Virtualization Enabled In Firmware: Yes
Second Level Address Translation: Yes
Data Execution Prevention Available: Yes
C:\Users\Ashish Jain>
I was able to make a successful request from System 2:
(base) C:\Users\Ashish Jain>curl "https://api.twitter.com/2/users/by/username/vantagepoint21" -H "Authorization: Bearer A***V"
{"data":{"id":"96529689","name":"Ashish Jain","username":"vantagepoint21"}}
(base) C:\Users\Ashish Jain>curl "https://api.twitter.com/2/users/by/username/elonmusk" -H "Authorization: Bearer A***V"
{"data":{"id":"44196397","name":"Elon Musk","username":"elonmusk"}}
The curl command is not working on the System 1.
I think there is some issue being created by Network Firewall settings in my office laptop. From which I was not able to get a response from Twitter API.
(base) C:\Users\ash\Desktop\twitter_api>curl "https://api.twitter.com/2/users/by/username/vantagepoint21" -H "Authorization: Bearer 9***2"
curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate.
On further testing the "curl" command on 'System 1' for URLs with "http" and "https" protocols:
(base) C:\Users\ash\Desktop>curl www.survival8.blogspot.com
<HTML>
<HEAD>
<TITLE>Moved Permanently</TITLE>
</HEAD>
<BODY BGCOLOR="#FFFFFF" TEXT="#000000">
<H1>Moved Permanently</H1>
The document has moved <A HREF="http://survival8.blogspot.com/">here</A>.
</BODY>
</HTML>
Success for HTTP based URL
---
(base) C:\Users\ash\Desktop>curl https://survival8.blogspot.com
curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate.
(base) C:\Users\ash\Desktop>curl https://survival8.blogspot.com/2022/08/lets-talk-about-whataboutery.html
curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate.
Failure for HTTPS based URL.
---
Successful Testing With Another HTTP based URL:
(base) C:\Users\ash\Desktop>curl http://survival8.blogspot.com/2022/08/lets-talk-about-whataboutery.html
<!DOCTYPE html>
<html class='v2' dir='ltr' lang='en'>
<head>
<link href='https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css' rel='stylesheet' type='text/css'/>
<meta content='width=1100' name='viewport'/>
<meta content='text/html; charset=UTF-8' http-equiv='Content-Type'/>
<meta content='blogger' name='generator'/>
<link href='http://survival8.blogspot.com/favicon.ico' rel='icon' type='image/x-icon'/>
<link href='http://survival8.blogspot.com/2022/08/lets-talk-about-whataboutery.html' rel='canonical'/>
<link rel="alternate" type="application/atom+xml" title="survival8 - Atom" href="http://survival8.blogspot.com/feeds/posts/default" />
<link rel="alternate" type="application/rss+xml" title="survival8 - RSS" href="http://survival8.blogspot.com/feeds/posts/default?alt=rss" />
<link rel="service.post" type="application/atom+xml" title="survival8 - Atom" href="https://draft.blogger.com/feeds/7823701911930369175/posts/default" />
<link rel="alternate" type="application/atom+xml" title="survival8 - Atom" href="http://survival8.blogspot.com/feeds/1169952638388485943/comments/default" />
<!--Can't find substitution for tag [blog.ieCssRetrofitLinks]-->
<meta content='http://survival8.blogspot.com/2022/08/lets-talk-about-whataboutery.html' property='og:url'/>
<meta content='Let’s talk about ‘Whataboutery’' property='og:title'/>
<meta content=' what·about·ery [ˌwɒtəˈbaʊtəri] NOUN BRITISH the technique or practice of responding to an accusation or dif...' property='og:description'/>
<title>survival8: Let’s talk about ‘Whataboutery’</title>
<style id='page-skin-1' type='text/css'><!--
/*
-----------------------------------------------
Blogger Template Style
Name: Simple
Designer: Blogger
URL: www.blogger.com
----------------------------------------------- */
/* Content
----------------------------------------------- */
body { ...
Also, note that if that was Authorization failure from Twitter API, then the output would still be a JSON format informative message:
(base) C:\Users\Ashish Jain>curl "https://api.twitter.com/2/users/by/username/elonmusk" -H "Authorization: Bearer 9***INCORRECT_BEARER_TOKEN***2"
{
"title": "Unauthorized",
"type": "about:blank",
"status": 401,
"detail": "Unauthorized"
}
On a Side Note: Take a look at another error message from Twitter API:
(base) C:\Users\Ashish Jain>curl "https://api.twitter.com/2/users/by/username/elonmusj" -H "Authorization: Bearer A***V"
{ "errors":
[
{
"parameter":"username",
"resource_id":"elonmusj",
"value":"elonmusj",
"detail":"User has been suspended: [elonmusj].",
"title":"Forbidden",
"resource_type":"user",
"type":"https://api.twitter.com/2/problems/resource-not-found"
}
]
}
Notice the typo in Elon Musk's user handle we provided in query: elonmusj
Monday, August 8, 2022
Accessing Twitter API From Two Systems. One With Firewall and Second Without Firewall
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment