Open scls19fr opened 6 months ago
Yes I know this problem as a pentester we must be efficient I prefer to stay on this format like tools such as netexec and co. It is possible to put a space before the command to prevent the command being stored in the bash history.
Maybe 2 options could be available
--password YourPass
or
--prompt-pwd
https://github.com/Syzik/DockerRegistryGrabber/blob/9e0c484e273055acb5bd81a69d6a65ab358a0683/drg.py#L188
Many CLI tools avoid to pass password as CLI argument to avoid this kind of data to be stored into bash history
Maybe you should provide an option to do something like
https://attack.mitre.org/techniques/T1552/003/