Closed psyray closed 2 months ago
Reproduced, working on it
Bug came from EyeWitness itself, explication here https://github.com/RedSiege/EyeWitness/pull/605
I've tested the patch, it works fine. I notice a huge load on the VM while screenshot to a lot of targets.
Problem here is that the code of EyeWitness need to be patched, it's quite hard to maintain. https://github.com/RedSiege/EyeWitness/pull/605/files
So we could filter the known bad url before, here using the semi column, and launch the task
I will try that way
Posted a new issue to see if we must circumvent this on our end : https://github.com/RedSiege/EyeWitness/issues/656
Is the space in your example URL intended?
ERROR: URL is - https://account.servicenow.com/sign-in?client_id=0oapi9ote73XCWSst0x7&redirect_uri=https://account.servicenow.com/auth&response_type=code&state=/profile/home?locale=en-us&scope=openid&source_id= account&locale=en-us
After the original MR, you would have had traceback because EyeWitness has no logic to handle invalid spaces (and I'm not entirely convinced there is a reason to build the logic since the traceback is sufficiently indicative of the error).
That is to say, https://github.com/RedSiege/EyeWitness/pull/605/files might prevent an incorrect malformed URL error, but will not handle the error resulting from the space in your example.
Anyway, https://github.com/RedSiege/EyeWitness/pull/659
To be clear though, this doesn't address that Eyewitness will stop completely on malformed URLs. Might be worth a new issue to address that explicitly-- to allow the rejection of a malformed URL, rather than completely stopping.
Is the space in your example URL intended?
ERROR: URL is - https://account.servicenow.com/sign-in?client_id=0oapi9ote73XCWSst0x7&redirect_uri=https://account.servicenow.com/auth&response_type=code&state=/profile/home?locale=en-us&scope=openid&source_id= account&locale=en-us
No, not intended. It's a copy-paste from the original issue on the legacy repository of reNgine During my test, I found that the problem came from the
://
, spaces were not a problem, or maybe I've fixed it while testing but didn't update the issue to fix the url space.To be clear though, this doesn't address that Eyewitness will stop completely on malformed URLs. Might be worth a new issue to address that explicitly-- to allow the rejection of a malformed URL, rather than completely stopping.
👍 Thanks for your clarification
Is there an existing issue for this?
Current Behavior
Submitted by @solo10010
The task of creating screenshots stops completely if EyeWitness encounters a strange URL
Expected Behavior
I expected that if errors occurred, the collection of screenshots would continue and not be interrupted completely.
Steps To Reproduce
Environment
Anything else?
No response