-
Notifications
You must be signed in to change notification settings - Fork 0
/
api.txt
49 lines (31 loc) · 1.71 KB
/
api.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
Twirp is an API framework from Twitchtv, written in Go. The idea is that you can define your service in a Protobuf file, as defined here, and then it stands up the API based on that. The example .proto file is:
syntax = "proto3";
package twitch.twirp.example;
option go_package = "example";
// A Hat is a piece of headwear made by a Haberdasher.
message Hat {
// The size of a hat should always be in inches.
int32 size = 1;
// The color of a hat will never be 'invisible', but other than
// that, anything is fair game.
string color = 2;
// The name of a hat is it's type. Like, 'bowler', or something.
string name = 3;
}
// Size is passed when requesting a new hat to be made. It's always
// measured in inches.
message Size {
int32 inches = 1;
}
// A Haberdasher makes hats for clients.
service Haberdasher {
// MakeHat produces a hat of mysterious, randomly-selected color!
rpc MakeHat(Size) returns (Hat);
}
=======================================================================================================================================
Find .proto File
Understanding how Twirp works, I don’t see much value in fuzzing the API, but rather, I need to find the .proto file. I remember http://player2.htb/proto from gobuster above. That’s interesting. I’ll brute force for .proto files, and find one.
===========================================================================================================================================
https://twitchtv.github.io/twirp/docs/spec_v5.html
https://developers.google.com/protocol-buffers/docs/proto3
================================================================================================================================================