False break "information obtained" if single quotes in password

Va5c0 / Steghide-Brute-Force-Tool

Execute a brute force attack with Steghide to file with hide information and password established

GNU General Public License v3.0

117 stars 52 forks source link

False break "information obtained" if single quotes in password #3

Open pctripsesp opened 6 years ago

pctripsesp commented 6 years ago

Hi, first of all really nice work, this tool saves lot of time brute forcing steghide.

If the word get from dictionary contains a single quote (that happens in rockyou.txt for example), the Tool breaks with a false positive and error

[i] Searching... sh: 1: Syntax error: Unterminated quoted string
[+] Information obtained with password: Agustín'

scmanjarrez commented 6 years ago

Your PR #4 will also fail if double quote is found, ie: abc"'. I have made a PR #5 using built-in pipes.quote function to avoid this kind of problems.