search

CERT-Polska / mwdblib

Client library for the mwdb service by CERT Polska.
https://mwdblib.readthedocs.io/en/latest/
MIT License
40 stars 13 forks source link

Report confirmation messages to stderr instead of stdout #76

Closed nazywam closed 2 years ago

nazywam commented 2 years ago

Right now, the fetch command outputs the confirmation message to stdout. This is a big no no if we're trying to read the output using jq or other tools.

mwdb fetch 543072873615f9afd57d9c4b9d95ae23fe2f15d29825c42c856094ea851421a8 - 2>/dev/null
{
    "type": "agenttesla",
    "email": "info@nexcourier.ae",
    "raw_cfg": {
        "in-blob": "fc3029e8d40cfa3a6f318bdd49b3dc3b1015dd5593d008e3388836f91e0643e1"
    },
    "email_to": "sinooceancnlogistice@vivaldi.net",
    "exfiltration_method": "smtp"
}
Downloaded 543072873615f9afd57d9c4b9d95ae23fe2f15d29825c42c856094ea851421a8 => -

I'm not 100% sure about the designation of print_confirmation though, it seems like it should be there just to report some details about the command success. But on the other hand, -o short seems to be using it for reporting the command output?

closes #75