jwt_tool icon indicating copy to clipboard operation
jwt_tool copied to clipboard

Published 20 hours ago verified publisher icon ticarpi

Exit code 1 on success

Open ReDemoNBR opened this issue 3 years ago • 0 comments

On shells, the exit code 1 means error. However, if you run these commands below, they all exit the error code 1

python3 jwt_tool.py eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJsb2dpbiI6InRpY2FycGkifQ.bsSwqj2c2uI9n7-ajmi3ixVGhPUiY7jO9SUn9dm15Po
python3 jwt_tool.py --exploit n eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJsb2dpbiI6InRpY2FycGkifQ.bsSwqj2c2uI9n7-ajmi3ixVGhPUiY7jO9SUn9dm15Po
python3 jwt_tool.py --query jwttool_298d3877b773b51a46e8dc441d1a9453

What are the reasons of using exit(1) instead of exit(0)?

And thinking about integration with other tools (like CI/CD for automated testing, like I am doing here with CORScanner for securing our own applications), could we change the behavior to the one below?

  • Exit code 1 when there is an error on CLI params/options (Ex: python3 jwt_tool.py -X hello -p)
  • Exit any code in 3-125 range for vulnerabilities found with given tests (Ex: found CVE-2015-2951 alg=none on https://example.com/)
  • Exit code 0 (for success) when no vulnerability is found with the given tests (Ex: tested https://example.com/ against CVE-2018-0114 Key injection but website passed test)

ReDemoNBR avatar Oct 03 '21 04:10 ReDemoNBR