utiso / dorkbot

Command-line tool to scan Google search results for vulnerabilities
http://dorkbot.io
Other
512 stars 96 forks source link

"Query" Errors #2

Closed rickycoolige closed 6 years ago

rickycoolige commented 6 years ago

robot:~/dorkbot# ./dorkbot.py -i google -o engine=0099604576279661038117:vquegqft89g,query=filetype:php -s arachni Traceback (most recent call last): File "./dorkbot.py", line 177, in main() File "./dorkbot.py", line 69, in main index(db, args.indexer, args.indexer_options) File "./dorkbot.py", line 129, in index results = indexer_module.run(options) File "/root/dorkbot/indexers/google.py", line 46, in run return results UnboundLocalError: local variable 'results' referenced before assignment robot:~/dorkbot# Hello I am getting the above error... How can I resolve :(

jgor commented 6 years ago

Interesting! I get that error when running it with your engine id, but not with any of mine. Are you doing anything unique with your CSE that I could try re-creating?

rickycoolige commented 6 years ago

No.

Just running it normally, Thats the way I got it from google cse.....

----- Quote from jgor (notifications@github.com), on 15.03.2018 20:51 -----

Interesting! I get that error when running it with your engine id, but not with any of mine. Are you doing anything unique with your CSE that I could try re-creating?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub [1], or mute the thread [2].

Links:

[1] https://github.com/utiso/dorkbot/issues/2#issuecomment-373568761 [2] https://github.com/notifications/unsubscribe-auth/AjcU4NeevDZrfl7KsV3hbqJyvcWy2lP1ks5tewyMgaJpZM4StFck

jgor commented 6 years ago

I notice all the examples I can find of id's are in the format: [21 numeric characters]:[11 alphanumeric], but yours is 22 characters on the left side. It also doesn't load at https://cse.google.com/cse/publicurl?cx=0099604576279661038117:vquegqft89g, but that could just be because it's private. Can you double-check that your id is correct? If so, maybe switch it to public if possible to help me troubleshoot it?

rickycoolige commented 6 years ago

here is the correct cse https://cse.google.com/cse/publicurl?cx=009604576279661038117:vquegqft89g

----- Quote from jgor (notifications@github.com), on 15.03.2018 21:03 -----

I notice all the examples I can find of id's are in the format: [21 numeric characters]:[11 alphanumeric], but yours is 22 characters on the left side. It also doesn't load at https://cse.google.com/cse/publicurl?cx=0099604576279661038117:vquegqft89g [1], but that could just be because it's private. Can you double-check that your id is correct? If so, maybe switch it to public if possible to help me troubleshoot it?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub [2], or mute the thread [3].

Links:

[1] https://cse.google.com/cse/publicurl?cx=0099604576279661038117:vquegqft89g [2] https://github.com/utiso/dorkbot/issues/2#issuecomment-373570654 [3] https://github.com/notifications/unsubscribe-auth/AjcU4Pp0Ycw4jzAdDkisO84T6-KXD4xqks5tew97gaJpZM4StFck

jgor commented 6 years ago

Looks like it works for me with the correct cse. Work for you?

rickycoolige commented 6 years ago

NO... Thats why I am puzzeled, Do I need to make any changes to the script? I did not make any changes to dorkbot.py. Do I need to ?

Do I need to make any change anywhere..... THX for all your help..

----- Quote from jgor (notifications@github.com), on 15.03.2018 21:35 -----

Looks like it works for me with the correct cse. Work for you?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub [1], or mute the thread [2].

Links:

[1] https://github.com/utiso/dorkbot/issues/2#issuecomment-373575815 [2] https://github.com/notifications/unsubscribe-auth/AjcU4Jr-o6YExTnxi-4gRvfC3SGycbtHks5texbxgaJpZM4StFck

jgor commented 6 years ago

Well it works correctly for me with the new cx value you have provided, so I'm going to need more information about your environment in order to troubleshoot this further.

Also the results from this CSE appear to be public websites from across the internet. Unless you have permission from all of these website owners, it is likely ILLEGAL to run some or all of these exploits against these websites. Please do not perform these attacks against websites you do not have explicit permission to test.