search

whoot / Typo3Scan

Enumerate Typo3 version and extensions
GNU General Public License v2.0
170 stars 32 forks source link

added database variable declaration when checking extensions when using a custom user-agent #12

Closed definity closed 3 years ago

definity commented 3 years ago

If a customer user-agent is defined using the command-line argument --agent the script fails with the following error

 [+] Extension Search
Traceback (most recent call last):
  File "./typo3scan.py", line 199, in <module>
    main.run()
  File "./typo3scan.py", line 86, in run
    conn = sqlite3.connect(database)
                    check_404 = check.check_404()
UnboundLocalError: local variable 'database' referenced before assignment

The database variable is only ever set on line 43. This is part of the if/else statement that checks if the --agent command-line arg was present. See below.

        if (args.user_agent):
            user_agent = args.user_agent
        else:
            database = os.path.join(self.__path, 'lib', 'typo3scan.db')
            conn = sqlite3.connect(database)
            c = conn.cursor()
            c.execute('SELECT * FROM UserAgents ORDER BY RANDOM() LIMIT 1;')
            user_agent = c.fetchone()[0]
            c.close()
definity commented 3 years ago

Not sure if this is how you want to fix this bug, but it works. Ideally it might be better to define it once outside any conditional statements to avoid the duplication.