From 2100efa2402dd03a06803437bdc3775f5d165ad7 Mon Sep 17 00:00:00 2001 From: LuXeZs <49080760+LuXeZs@users.noreply.github.com> Date: Sun, 3 Dec 2023 08:17:30 +0000 Subject: [PATCH] Added option to censor sensitive secrets #96 --- src/backend.py | 12 ++++++++---- user/cfg.yml | 35 +++++++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+), 4 deletions(-) create mode 100644 user/cfg.yml diff --git a/src/backend.py b/src/backend.py index 6a23cc4..f9799b5 100644 --- a/src/backend.py +++ b/src/backend.py @@ -67,7 +67,10 @@ def bootstrap_browser( case 'reset': landing_url = 'https://discord.com/reset#token=' + configuration['resetToken'] driver.get(landing_url) - logger.debug(f'Going to landing page: {landing_url}') + if configuration['sensitiveDebug'] == True: + logger.debug(f'Going to landing page: {landing_url}') + else: + logger.debug(f'Going to landing page: Hidden') # Go to the required Discord login/landing page @@ -174,9 +177,10 @@ def code_entry( if session_statistics['attemptedCodeCount'] == 0: for i in configuration: session_statistics[i] = configuration[i] - #TODO: Make SENSITIVE_DEBUG level logs opt-in. - #If SENSITIVE_DEBUG is opted out, print placeholder characters instead of actual secrets. - logger.log('SENSITIVE_DEBUG',f"{color(i, 'green')}: {session_statistics[i]}") + if configuration['sensitiveDebug'] == True: + logger.log('SENSITIVE_DEBUG',f"{color(i, 'green')}: {session_statistics[i]}") + else: + logger.log('SENSITIVE_DEBUG',f"{color(i, 'green')}: Hidden") logger.debug(f"Program Mode: {color(configuration['programMode'].lower(), 'green')}") logger.debug(f"Code Mode: {color(configuration['codeMode'].lower(), 'green')}") diff --git a/user/cfg.yml b/user/cfg.yml new file mode 100644 index 0000000..15b0ba0 --- /dev/null +++ b/user/cfg.yml @@ -0,0 +1,35 @@ +# THIS FILE CONTAINS SENSITIVE LOGIN INFORMATION FOR YOUR DISCORD ACCOUNT! +# +# TAKE UTMOST CARE WHEN HANDLING, WORKING ON, OR UPLOADING THIS FILE. +# +# IF YOU CHECK THIS FILE INTO A PUBLIC-FACING VERSION CONTROL REPO, UPLOAD IT ONLINE, +# OR SHARE IT TO ANYONE YOU DON'T FULLY TRUST, YOUR INFORMATION AND ACCOUNT COULD POTENTIALLY BE STOLEN!!! +# +# IF YOUR DISCORD, EMAIL, OR OTHER ACCOUNT OR PERSONAL INFORMATION GETS HACKED, CRACKED, OR OTHERWISE STOLEN BECAUSE +# YOU SHARED YOUR FILLED IN COPY OF THIS FILE TO ANYONE, +# THE AUTHORS AND CONTRIBUTORS OF THIS PROGRAM ARE NOT RESPONSIBLE FOR WHATEVER DAMAGES MAY ENSUE + +# Basic login info +email: "" +password: "" + +# Program mode configuration +# Lets you skip the initial mode prompt stage by filling in your desired +# programMode and codeMode beforehand. +programMode: "" +codeMode: "" + +# Password Reset Info +# +# To get your token it will be in the url of the password reset page. +# Follow the instructions in the README.md on how to obtain this token +newPassword: "" +resetToken: "" + +# Disable 2FA info +# Fill in your discord account token here. +authToken: "" + +# Show SENSITIVE_DEBUG log info +# Default = False +sensitiveDebug: "False"