Custom wordlist functionality addition for scan modules #1026
Conversation
pUrGe12
changed the title
|
@pUrGe12 custom wordlist functionality existed in Nettacker for many years it is just not well documented . Some of the improvements in PR1026 are sill welcome (e.g. you are welcome to add the new '-W' argument to define the wordlist to make the feature easier to use) Here is how to use the custom wordlist feature - add this to the command lie:
by default the relative path is assumed to be
Can you please update your PR (or submit a new one) which just sets the 'read_from_file' based on the '-W' argument. The rest of Nettacker (e.g. modules, fuzzer) do not need to be modified - the feature is already built-in! |
|
Updated based on the suggestion! |
nettacker/config.py
Outdated
| @@ -127,6 +127,7 @@ class DefaultSettings(ConfigBase): | |||
| scan_subdomains = False | |||
| selected_modules = None | |||
| url_base_path = None | |||
| user_wordlist = "" | |||
nettacker/core/arg_parser.py
Outdated
| "--wordlist", | ||
| action="store", | ||
| dest="user_wordlist", | ||
| default=Config.settings.user_wordlist, |
There was a problem hiding this comment.
should be 'read_from_file' nor user_wordlist - there is no value in creating unnecessary setting/variable
nettacker/core/module.py
Outdated
| @@ -39,6 +39,9 @@ def __init__( | |||
| self.module_inputs[module_extra_args] = self.module_inputs["modules_extra_args"][ | |||
| module_extra_args | |||
| ] | |||
| if options.user_wordlist: | |||
| self.module_inputs["read_from_file"] = options.user_wordlist | |||
There was a problem hiding this comment.
unnecessary copy - just use 'read_from_file' - no need to create an additional user_wordlist, only to copy it into 'read_from_file'
nettacker/locale/en.yaml
Outdated
| @@ -35,6 +35,7 @@ cannot_run_api_server: You can't run API Server through itself! | |||
| error_target: Cannot specify the target(s) | |||
| error_target_file: "Cannot specify the target(s), unable to open file: {0}" | |||
| error_username: "Cannot specify the username(s), unable to open file: {0}" | |||
| error_wordlist: "Unable to open wordlist file: {0}" | |||
|
have made the required changes. |
| "-W", | ||
| "--wordlist", | ||
| action="store", | ||
| dest="read_from_file", |
There was a problem hiding this comment.
you lost help and default here
There was a problem hiding this comment.
Should I add a "read_from_file" variable in config and set that to none for default or just specify None here itself? I'll have to edit config to set default right?
nettacker/core/module.py
Outdated
| @@ -39,6 +39,7 @@ def __init__( | |||
| self.module_inputs[module_extra_args] = self.module_inputs["modules_extra_args"][ | |||
| module_extra_args | |||
| ] | |||
|
|
|||
There was a problem hiding this comment.
unnecessary empty line here
Proposed change
As discussed in issue #1025, users cannot use their own wordlist through the command line (they will have to go and change the path in config.py). I have added a command line argument that allows users to enter a path to their wordlist. If they don't then the defaults are used.
Your PR description goes here.
Type of change
Checklist
make pre-commit, it didn't generate any changesmake test, all tests passed locally