Open ckuttruff opened 3 years ago
ckuttruff
commented
3 years ago @lanmaster53 this week is unfortunately pretty busy for me, but I'd be happy to submit a PR with fixes when I get the chance if you don't take care of it before then. Setting a reminder to circle back to this this weekend.
lanmaster53
commented
3 years ago @lanmaster53 this week is unfortunately pretty busy for me, but I'd be happy to submit a PR with fixes when I get the chance if you don't take care of it before then. Setting a reminder to circle back to this this weekend.
That would be awesome! I'm in no rush. It's been this way for this long without anyone complaining, so what's a few more days. Thanks!
Modules affected discovery/info_disclosure/cache_snoop, recon/repositories-vulnerabilities/github_dorks, recon/repositories-vulnerabilities/gists_search, recon/credentials-credentials/adobe, recon/domains-vulnerabilities/ghdb, recon/domains-domains/brute_suffix, recon/domains-hosts/brute_hosts
Bug Description When overriding options that specify data files in various modules, if the user overrides said file with a shorthand (eg:
~/foo.txt), the run will fail; reporting that the file could not be found.Steps to Reproduce (the following is one example, but applies to all cases of options referencing a data file that can be set by user
recon/repositories-vulnerabilities/gists_searchmodulefoo.txtoptions set KEYWORDS ~/foo.txtrunExpected Behavior Should run the gist module as expected; instead it errors out with:
Solution Use
os.path.expanduserfunction to expand the tilde shorthand so files can properly be found as in the following module: https://github.com/lanmaster53/recon-ng-marketplace/blob/master/modules/discovery/info_disclosure/interesting_files.py#L36Screenshots
Additional Context See the following discussion on PR 214: https://github.com/lanmaster53/recon-ng-marketplace/pull/214#issuecomment-933650057