The authentication with Twitter failed, please check your API keys.

[Awaces]

Hi

I just found this awesome tool that might help me creating custom word lists based on my target. I just created a twitter developer account and edited the twofi.yml file.

However, my API key keeps getting revoked

[digininja]

If it is getting revoked then you are probably using it too much, try going a bit easier and spreading out your requests.

On Mon, 14 Mar 2022 at 13:40, Awaces @.***> wrote:

Hi

I just found this awesome tool that might help me creating custom word lists based on my target. I just created a twitter developer account and edited the twofi.yml file.

However, my API key keeps getting revoked

— Reply to this email directly, view it on GitHub https://github.com/digininja/twofi/issues/3, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAA4SWNM7KNLTSE32MNFIVDU746TJANCNFSM5QVSBTTQ . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

You are receiving this because you are subscribed to this thread.Message ID: @.***>

[Awaces]

@digininja Thanks for the quick reply. That's weird because it's actually the first time i'm using the API key and tool itself. I'm using the default command: sudo twofi -m 6 -u @KaliLinux

[DavlRannos]

Getting this error any wisdom on it... not getting revoked just authentication with twitter failed

[digininja]

I've just tried and it is working fine for me. @Awaces, sorry for not coming back on this, I missed your reply and then forgot about it.

Looking at the command, it looks like you are running a packaged version rather than from GitHub, please both of you try that.

The app does not need root permissions, so sudo isn't needed.

[digininja]

I've not seen this problem before so it could be something different, where are you seeing the error, in the Twitter interface?

On Mon, 14 Mar 2022 at 13:53, Awaces @.***> wrote:

@digininja https://github.com/digininja Thanks for the quick reply. That's weird because it's actually the first time i'm using the API key and tool itself. I'm using the default command: sudo twofi -m 6 -u @KaliLinux

— Reply to this email directly, view it on GitHub https://github.com/digininja/twofi/issues/3#issuecomment-1066821370, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAA4SWNDYJWGJTVHXPBDIXDU75AGDANCNFSM5QVSBTTQ . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

You are receiving this because you were mentioned.Message ID: @.***>

[areinhar]

I get the same authentication error with the packaged version included in Kali. The error shows up on the command line. When I tried the version from GitHub, I get a different error:

twofi.rb:83:in `rescue in twitter_search': uninitialized constant Twitter::Error::RequestTimeout (NameError)
Did you mean?  Twitter::Error::RequestEntityTooLarge
        from twofi.rb:81:in `twitter_search'
        from twofi.rb:200:in `block in <main>'
        from twofi.rb:199:in `each'
        from twofi.rb:199:in `<main>'
/usr/lib/ruby/vendor_ruby/twitter/rest/request.rb:97:in `fail_or_return_response_body': You currently have Essential access which includes access to Twitter API v2 endpoints only. If you need access to this endpoint, you’ll need to apply for Elevated access via the Developer Portal. You can learn more here: https://developer.twitter.com/en/docs/twitter-api/getting-started/about-twitter-api#v2-access-leve (Twitter::Error::Forbidden)
        from /usr/lib/ruby/vendor_ruby/twitter/rest/request.rb:41:in `perform'
        from /usr/lib/ruby/vendor_ruby/twitter/search_results.rb:26:in `initialize'
        from /usr/lib/ruby/vendor_ruby/twitter/rest/search.rb:34:in `new'
        from /usr/lib/ruby/vendor_ruby/twitter/rest/search.rb:34:in `search'
        from twofi.rb:82:in `twitter_search'
        from twofi.rb:200:in `block in <main>'
        from twofi.rb:199:in `each'
        from twofi.rb:199:in `<main>'

I did not apply for Elevated access in the Twitter Developer Portal.

[digininja]

I don't support anything other than the latest GitHub checkout so I can't help with the Kali version.

What version of ruby and the twitter gem are you using?

[areinhar]

ruby 3.0.4p208 (2022-04-12 revision 3fa771dded) [x86_64-linux-gnu] twitter (7.0.0)

[digininja]

I just tried to reproduce this and I've completely mangled my rvm setup so I'll have to rebuild that.

If I've not come back on this in a couple of weeks, remind me, I will sort it.

On Thu, 13 Oct 2022 at 16:08, areinhar @.***> wrote:

ruby 3.0.4p208 (2022-04-12 revision 3fa771dded) [x86_64-linux-gnu] twitter (7.0.0)

— Reply to this email directly, view it on GitHub https://github.com/digininja/twofi/issues/3#issuecomment-1277770729, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAA4SWJMDY7MVBHKLJPPCLLWDAQX5ANCNFSM5QVSBTTQ . You are receiving this because you were mentioned.Message ID: @.***>

[DavidFrds]

same for me, i keep getting this error :

The authentication with Twitter failed, please check your API keys.
If there is a bearer_token entry in your config file try removing that.

but my twofi.yml and credentials are corrects...

cat /etc/twofi/twofi.yml 
---
options:
  api_key: 6G...
  api_secret: m..

[digininja]

I think I may have just worked it out, how are you getting your access keys? This app is written using the original API which has been sunset by Twitter and so you can't create new keys for it. If you are creating the keys for the v2 API they won't work.

I've just signed up for a set of v2 dev keys and once I get them I'll work on updating the app to run with v2. I might rewrite it in Go while doing it, but will see.

[DavidFrds]

At first, i've been using API Keys and secret from my Consumer Keys where I created my Projects and Apps.

After reading your message, I thought I might be wrong so I used the Authentication Tokens : Access Token and Secret

I have absolutely no idea if im using the corrects credentials...

[digininja]

They look like v2 keys, to check, go here and see if they are listed.

https://apps.twitter.com/

This page lists the v1 keys which will work, anywhere else is v2 which won't.

[DavidFrds]

This link takes me to directly to > https://developer.twitter.com/en/portal/dashboard There, I have not choice but to create a project and generate v2 keys.. this is what I've done to have the credentials mentioned previously.

[digininja]

That's the issue then, you've got v2 creds when the app needs v1.

I've applied for v2 creds so as soon as I get them I'll fix it up.

[DavidFrds]

arrg.. thanks for your time anyway, good luck I'll stay tuned ;)