Closed shadow00 closed 2 years ago
Furthermore, it spams login attempts every time a user tries to run list
or help
- which is annoying at best, but could cause ratelimiting issues at worst (especially if they're having a problem with their credentials that they're trying to figure out)
I don't consider this an error, the tool was projected to runs the commands after the login, but maybe it would be better print the messages
Type 'list' to show all allowed commands
Type 'FILE=y' to save results to files like '<target username>_<command>.txt (deafult is disabled)'
Type 'FILE=n' to disable saving to files'
Type 'JSON=y' to export results to a JSON files like '<target username>_<command>.json (deafult is disabled)'
Type 'JSON=n' to disable exporting to files'
only after the login result.
Keep in mind we're talking about the list
and help
commands here. It makes no sense to perform a full login just to show a help message and then quit - and any cli program should be able to show a help message without doing anything else.
Think about it: a user downloads the program for the first time and they try to figure out how to use it. They try to pass the help
command to see how to use it and configure it, but the program fails silently without giving any output or error message, over and over again. What are they going to think of the program?
This is what's happening right now. The only reason why I noticed this is because I tried to run it through a debugger to see what was going on, instead of giving up. This is not a good user experience.
What should be happening instead:
list
or help
, show the help messages then quit - no login configuration requiredlist
or help
from within the event loop, then show them the messages and we stay in the loopOk, you are right. I will add this change in the next release, thank you!
This is a bad design: it makes it impossible to print the command list or even get a help message without having already configured the authentication credentials, because the program quits before ever reaching the command parsing section inside main.py.
The exception gets caught by line 1084:
https://github.com/Datalux/Osintgram/blob/2869d2c6efe8b2778d2fe93920f68fc8c38b839d/src/Osintgram.py#L1084
but since there's no 'challenge' in 'error'...
https://github.com/Datalux/Osintgram/blob/2869d2c6efe8b2778d2fe93920f68fc8c38b839d/src/Osintgram.py#L1091-L1093
the program simply quits without giving any indication of what's going on or any kind of debug message, because it never gets past line 121 in main:
https://github.com/Datalux/Osintgram/blob/2869d2c6efe8b2778d2fe93920f68fc8c38b839d/main.py#L121
This is all that gets shown to the user without having any valid credentials configured (but the files containing the credentials already exist):