This note is less about accessing Twitter API but more about Cyber Security where you run a curl command and based on the output from that command you try to figure out the firewall settings of the system. System 1 Configuration With Strict Firewall Where Our Curl Command For Accessing Twitter API is Not Working: (base) C:\Users\ash\Desktop>systeminfo OS Name: Microsoft Windows 10 Enterprise OS Version: 10.0.19042 N/A Build 19042 Processor(s): 1 Processor(s) Installed. [01]: AMD64 Family 23 Model 24 Stepping 1 AuthenticAMD ~2100 Mhz BIOS Version: HP R79 Ver. 01.10.03, 3/24/2020 Network Card(s): 4 NIC(s) Installed. [01]: Realtek RTL8822BE 802.11ac PCIe Adapter Connection Name: Wi-Fi DHCP Enabled: Yes DHCP Server: 192.168.1.1 IP address(es) [01]: 192.168.1.100 [02]: fe80::b1b2:6d59:f669:1b96 [03]: 2401:4900:47f1:b174:70f4:de28:6287:b1c9 [04]: 2401:4900:47f1:b174:b1b2:6d59:f669:1b96 [02]: Realtek PCIe GbE Family Controller Connection Name: Ethernet Status: Media disconnected [03]: Bluetooth Device (Personal Area Network) Connection Name: Bluetooth Network Connection Status: Media disconnected [04]: Check Point Virtual Network Adapter For Endpoint VPN Client Connection Name: Ethernet 2 DHCP Enabled: Yes DHCP Server: 10.79.251.145 IP address(es) [01]: 10.79.251.146 [02]: fe80::3df2:2a4:b2e1:cb0 Hyper-V Requirements: VM Monitor Mode Extensions: Yes Virtualization Enabled In Firmware: Yes Second Level Address Translation: Yes Data Execution Prevention Available: Yes System 2 Without Strict Firewall Where Curl Command is Working: C:\Users\Ashish Jain>systeminfo Host Name: LAPTOP-79RV456R OS Name: Microsoft Windows 10 Home Single Language OS Version: 10.0.19043 N/A Build 19043 OS Manufacturer: Microsoft Corporation OS Configuration: Standalone Workstation OS Build Type: Multiprocessor Free Registered Owner: Ashish Jain Registered Organization: Product ID: 00327-35105-52167-AAOEM Original Install Date: 3/14/2021, 6:33:25 AM System Boot Time: 7/14/2022, 5:34:13 PM System Manufacturer: LENOVO System Model: 81H7 System Type: x64-based PC Processor(s): 1 Processor(s) Installed. [01]: Intel64 Family 6 Model 78 Stepping 3 GenuineIntel ~2000 Mhz BIOS Version: LENOVO 8QCN26WW(V1.14), 12/29/2020 Windows Directory: C:\WINDOWS System Directory: C:\WINDOWS\system32 Boot Device: \Device\HarddiskVolume1 System Locale: en-us;English (United States) Input Locale: 00004009 Time Zone: (UTC+05:30) Chennai, Kolkata, Mumbai, New Delhi Total Physical Memory: 12,154 MB Available Physical Memory: 7,634 MB Virtual Memory: Max Size: 14,010 MB Virtual Memory: Available: 8,057 MB Virtual Memory: In Use: 5,953 MB Page File Location(s): C:\pagefile.sys Domain: WORKGROUP Logon Server: \\LAPTOP-79RV456R Hotfix(s): 15 Hotfix(s) Installed. [01]: KB5013887 [02]: KB4562830 [03]: KB4577586 [04]: KB4580325 [05]: KB4589212 [06]: KB5000736 [07]: KB5015807 [08]: KB5006753 [09]: KB5007273 [10]: KB5011352 [11]: KB5011651 [12]: KB5014032 [13]: KB5014035 [14]: KB5014671 [15]: KB5005699 Network Card(s): 4 NIC(s) Installed. [01]: VirtualBox Host-Only Ethernet Adapter Connection Name: VirtualBox Host-Only Network DHCP Enabled: No IP address(es) [01]: 192.168.56.1 [02]: fe80::f839:dc84:9a7b:3087 [02]: Realtek 8821CE Wireless LAN 802.11ac PCI-E NIC Connection Name: Wi-Fi Status: Media disconnected [03]: Realtek PCIe FE Family Controller Connection Name: Ethernet Status: Media disconnected [04]: Bluetooth Device (Personal Area Network) Connection Name: Bluetooth Network Connection Status: Media disconnected Hyper-V Requirements: VM Monitor Mode Extensions: Yes Virtualization Enabled In Firmware: Yes Second Level Address Translation: Yes Data Execution Prevention Available: Yes C:\Users\Ashish Jain> I was able to make a successful request from System 2: (base) C:\Users\Ashish Jain>curl "https://api.twitter.com/2/users/by/username/vantagepoint21" -H "Authorization: Bearer A***V" {"data":{"id":"96529689","name":"Ashish Jain","username":"vantagepoint21"}} (base) C:\Users\Ashish Jain>curl "https://api.twitter.com/2/users/by/username/elonmusk" -H "Authorization: Bearer A***V" {"data":{"id":"44196397","name":"Elon Musk","username":"elonmusk"}} The curl command is not working on the System 1. I think there is some issue being created by Network Firewall settings in my office laptop. From which I was not able to get a response from Twitter API. (base) C:\Users\ash\Desktop\twitter_api>curl "https://api.twitter.com/2/users/by/username/vantagepoint21" -H "Authorization: Bearer 9***2" curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate. On further testing the "curl" command on 'System 1' for URLs with "http" and "https" protocols: (base) C:\Users\ash\Desktop>curl www.survival8.blogspot.com <HTML> <HEAD> <TITLE>Moved Permanently</TITLE> </HEAD> <BODY BGCOLOR="#FFFFFF" TEXT="#000000"> <H1>Moved Permanently</H1> The document has moved <A HREF="http://survival8.blogspot.com/">here</A>. </BODY> </HTML>Success for HTTP based URL
--- (base) C:\Users\ash\Desktop>curl https://survival8.blogspot.com curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate. (base) C:\Users\ash\Desktop>curl https://survival8.blogspot.com/2022/08/lets-talk-about-whataboutery.html curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092012) - The revocation function was unable to check revocation for the certificate.Failure for HTTPS based URL.
---Successful Testing With Another HTTP based URL:
(base) C:\Users\ash\Desktop>curl http://survival8.blogspot.com/2022/08/lets-talk-about-whataboutery.html <!DOCTYPE html> <html class='v2' dir='ltr' lang='en'> <head> <link href='https://www.blogger.com/static/v1/widgets/2975350028-css_bundle_v2.css' rel='stylesheet' type='text/css'/> <meta content='width=1100' name='viewport'/> <meta content='text/html; charset=UTF-8' http-equiv='Content-Type'/> <meta content='blogger' name='generator'/> <link href='http://survival8.blogspot.com/favicon.ico' rel='icon' type='image/x-icon'/> <link href='http://survival8.blogspot.com/2022/08/lets-talk-about-whataboutery.html' rel='canonical'/> <link rel="alternate" type="application/atom+xml" title="survival8 - Atom" href="http://survival8.blogspot.com/feeds/posts/default" /> <link rel="alternate" type="application/rss+xml" title="survival8 - RSS" href="http://survival8.blogspot.com/feeds/posts/default?alt=rss" /> <link rel="service.post" type="application/atom+xml" title="survival8 - Atom" href="https://draft.blogger.com/feeds/7823701911930369175/posts/default" /> <link rel="alternate" type="application/atom+xml" title="survival8 - Atom" href="http://survival8.blogspot.com/feeds/1169952638388485943/comments/default" /> <!--Can't find substitution for tag [blog.ieCssRetrofitLinks]--> <meta content='http://survival8.blogspot.com/2022/08/lets-talk-about-whataboutery.html' property='og:url'/> <meta content='Let’s talk about ‘Whataboutery’' property='og:title'/> <meta content=' what·about·ery [ˌwɒtəˈbaʊtəri] NOUN BRITISH the technique or practice of responding to an accusation or dif...' property='og:description'/> <title>survival8: Let’s talk about ‘Whataboutery’</title> <style id='page-skin-1' type='text/css'><!-- /* ----------------------------------------------- Blogger Template Style Name: Simple Designer: Blogger URL: www.blogger.com ----------------------------------------------- */ /* Content ----------------------------------------------- */ body { ...Also, note that if that was Authorization failure from Twitter API, then the output would still be a JSON format informative message:
(base) C:\Users\Ashish Jain>curl "https://api.twitter.com/2/users/by/username/elonmusk" -H "Authorization: Bearer 9***INCORRECT_BEARER_TOKEN***2" { "title": "Unauthorized", "type": "about:blank", "status": 401, "detail": "Unauthorized" }On a Side Note: Take a look at another error message from Twitter API:
(base) C:\Users\Ashish Jain>curl "https://api.twitter.com/2/users/by/username/elonmusj" -H "Authorization: Bearer A***V" { "errors": [ { "parameter":"username", "resource_id":"elonmusj", "value":"elonmusj", "detail":"User has been suspended: [elonmusj].", "title":"Forbidden", "resource_type":"user", "type":"https://api.twitter.com/2/problems/resource-not-found" } ] } Notice the typo in Elon Musk's user handle we provided in query: elonmusj
Monday, August 8, 2022
Accessing Twitter API From Two Systems. One With Firewall and Second Without Firewall
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment