Comments (5)
Can you give more context, please?
Is it an issue that happens with both the clients? How can we reproduce it (e.g., a script to test this bug)? Did you test it with a repo giving only a few discoveries (so that it's very easy to see that it enters an infinite loop)?
Hi @marcorosa, I updated the description
Ok, but can you be more specific, please? 😄
At first I thought it was related to the data structure we are using (could have been not sortable). Yet, I sorted manually some discoveries and it works fine:
import sqlite3

# Load every discovery of one repo straight from the SQLite database
conn = sqlite3.connect('data.db')
cursor = conn.cursor()
repo_url = '...'
cursor.execute('select * from discoveries where repo_url=?', (repo_url,))
discoveries = cursor.fetchall()
# Sort the rows in plain Python
sorted(discoveries, key=lambda d: d[4])  # 4 is the snippet position
So, where is this issue coming from? What methods are you using? Are you trying to do this sort with the python library or directly in-browser with javascript? Are you trying to sort all the discoveries or a repo or just the paginated ones?
Thank you for your comment @marcorosa
No, it is not related to the data structure nor the database.
So, where is this issue coming from?
The issue is coming from the /get_discoveries route/function. Precisely this line:
credential-digger/ui/server.py
Line 393 in c4b000d
are you trying to do this sort with the python library or directly in-browser with javascript?
The bug occurs when we try to sort the discoveries on the browser (javascript).
The bug can be reproduced manually without writing a script, by sorting the discoveries via the UI using these built-in buttons:
are you trying to sort all the discoveries or a repo or just the paginated ones?
I tried both 'all discoveries' and only the paginated ones, but none of them has worked.
Fix
Problem
Sorting discoveries (manually, from the UI, using the built-in sorting buttons) results in this error:
Traceback (most recent call last):
File "/usr/local/lib/python3.8/dist-packages/flask/app.py", line 2088, in __call__
return self.wsgi_app(environ, start_response)
File "/usr/local/lib/python3.8/dist-packages/flask/app.py", line 2073, in wsgi_app
response = self.handle_exception(e)
File "/usr/local/lib/python3.8/dist-packages/flask/app.py", line 2070, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python3.8/dist-packages/flask/app.py", line 1515, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python3.8/dist-packages/flask/app.py", line 1513, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python3.8/dist-packages/flask/app.py", line 1499, in dispatch_request
return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
File "/root/apps/new_cdigger/credential-digger-main/ui/server.py", line 396, in get_discoveries
'data': sorted([{'snippet': keys[0],
File "/root/apps/new_cdigger/credential-digger-main/ui/server.py", line 408, in <lambda>
key=lambda i: States[i[order_by]].value,
File "/usr/lib/python3.8/enum.py", line 349, in __getitem__
return cls._member_map_[name]
KeyError: 'crypto_key'
crypto_key in our case is one of the categories we have at hand. One of the discoveries happens to be a crypto_key.
Fix
The problem comes from line:
credential-digger/ui/server.py
Line 393 in c4b000d
We replaced States[i[order_by]].value by order_by and it works just fine as far as our first experiments go; we will test it further.
Ordering discoveries by category still breaks the UI
Traceback (most recent call last):
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 2464, in __call__
return self.wsgi_app(environ, start_response)
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 2450, in wsgi_app
response = self.handle_exception(e)
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1867, in handle_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python3.9/site-packages/flask/_compat.py", line 39, in reraise
raise value
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 2447, in wsgi_app
response = self.full_dispatch_request()
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1952, in full_dispatch_request
rv = self.handle_user_exception(e)
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1821, in handle_user_exception
reraise(exc_type, exc_value, tb)
File "/usr/local/lib/python3.9/site-packages/flask/_compat.py", line 39, in reraise
raise value
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1950, in full_dispatch_request
rv = self.dispatch_request()
File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1936, in dispatch_request
return self.view_functions[rule.endpoint](**req.view_args)
File "/Users/i355397/git/credential-digger/ui/server.py", line 447, in get_discoveries
'data': sorted([{'snippet': keys[0],
File "/Users/i355397/git/credential-digger/ui/server.py", line 460, in <lambda>
key=lambda i: States[i[order_by]].value,
File "/usr/local/Cellar/python@3.9/3.9.7/Frameworks/Python.framework/Versions/3.9/lib/python3.9/enum.py", line 432, in __getitem__
return cls._member_map_[name]
KeyError: 'password'
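An added example, not code from the credential-digger project: it reproduces the KeyError from the tracebacks above and shows a sort key that applies the States lookup only to the state column while rejecting unknown sort columns. The States members, the column names and the sample rows are assumptions constructed for illustration.

```python
from enum import Enum


class States(Enum):
    # Assumed member names; the page does not list the real ones.
    new = 0
    false_positive = 1
    addressing = 2
    not_relevant = 3
    fixed = 4


# Assumed sortable columns; any other value sent by the client is rejected.
SORTABLE = ('category', 'snippet', 'state')

# Constructed sample rows, shaped like the dicts built in get_discoveries.
ROWS = [
    {'snippet': 'pwd = "hunter2"', 'category': 'password', 'state': 'new'},
    {'snippet': '-----BEGIN RSA', 'category': 'crypto_key', 'state': 'fixed'},
    {'snippet': 'token = "abc"', 'category': 'token',
     'state': 'false_positive'},
]


def failing_sort(rows, order_by):
    """The key from the traceback: every column is looked up in States."""
    return sorted(rows, key=lambda i: States[i[order_by]].value)


def sort_discoveries(rows, order_by, reverse=False):
    """Use the enum only for 'state'; compare other columns as text."""
    if order_by not in SORTABLE:
        raise ValueError(f'unsupported sort column: {order_by!r}')
    if order_by == 'state':
        def key(row):
            member = States.__members__.get(row['state'])
            # Unknown state names sort last instead of raising KeyError.
            known = member is not None
            return (not known, member.value if known else 0)
    else:
        def key(row):
            return str(row.get(order_by) or '')
    return sorted(rows, key=key, reverse=reverse)
```

With this key, ordering by category compares the category strings directly, so values such as crypto_key or password no longer reach the enum lookup.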