
Commit 8742b61

Merge branch 'main' into add-ai-policy
2 parents 7845386 + 7d027f2 commit 8742b61

4 files changed

Lines changed: 78 additions & 18 deletions

.github/ISSUE_TEMPLATE/config.yml

Lines changed: 8 additions & 0 deletions
@@ -0,0 +1,8 @@
1+
blank_issues_enabled: false
2+
contact_links:
3+
- name: NetExec Wiki
4+
url: https://www.netexec.wiki/
5+
about: Check the wiki for usage guides and documentation before opening an issue.
6+
- name: NetExec Discord
7+
url: https://discord.com/invite/pjwUTQzg8R
8+
about: Join the Discord for general questions and community support.

.github/PULL_REQUEST_TEMPLATE.md

Lines changed: 9 additions & 5 deletions
@@ -13,24 +13,28 @@ Insert an "x" inside the brackets for relevant items (do not delete options)
1313
- [ ] Deprecation of feature or functionality
1414
- [ ] This change requires a documentation update
1515
- [ ] This requires a third party update (such as Impacket, Dploot, lsassy, etc)
16+
- [ ] This PR was created with the assistance of AI (list what type of assistance, tool(s)/model(s) in the description)
1617

1718
## Setup guide for the review
1819
Please provide guidance on what setup is needed to test the introduced changes, such as your locally running machine Python version & OS, as well as the target(s) you tested against, including software versions.
1920
In particular:
2021
- Bug Fix: Please provide a short description on how to trigger the bug, to make the bug reproducable for the reviewer.
21-
- Added Feature/Enhancement: Please specify what setup is needed in order to test the changes. E.g. is additional software needed? GPO changes required? Specific registry settings that need to be changed?
22+
- Added Feature/Enhancement: Please specify what setup is needed in order to test the changes, such as:
23+
- Is additional software needed?
24+
- GPO changes required?
25+
- Specific registry settings that need to be changed?
2226

2327
## Screenshots (if appropriate):
2428
Screenshots are always nice to have and can give a visual representation of the change.
25-
If appropriate include before and after screenshot(s) to show which results are to be expected.
29+
If appropriate, include before and after screenshot(s) to show which results are to be expected.
2630

2731
## Checklist:
2832
Insert an "x" inside the brackets for completed and relevant items (do not delete options)
2933

30-
- [ ] I have ran Ruff against my changes (via poetry: `poetry run python -m ruff check . --preview`, use `--fix` to automatically fix what it can)
34+
- [ ] I have ran Ruff against my changes (poetry: `poetry run ruff check .`, use `--fix` to automatically fix what it can)
3135
- [ ] I have added or updated the `tests/e2e_commands.txt` file if necessary (new modules or features are _required_ to be added to the e2e tests)
32-
- [ ] New and existing e2e tests pass locally with my changes
3336
- [ ] If reliant on changes of third party dependencies, such as Impacket, dploot, lsassy, etc, I have linked the relevant PRs in those projects
34-
- [ ] I have performed a self-review of my own code
37+
- [ ] I have linked relevant sources that describes the added technique (blog posts, documentation, etc)
38+
- [ ] I have performed a self-review of my own code (_not_ an AI review)
3539
- [ ] I have commented my code, particularly in hard-to-understand areas
3640
- [ ] I have made corresponding changes to the documentation (PR here: https://github.com/Pennyw0rth/NetExec-Wiki)
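
Review bot: the checklist loses `New and existing e2e tests pass locally with my changes` (old line 32) with nothing replacing it, so a contributor can now tick every box without having run the e2e tests that new line 35 asks them to extend; consider keeping that item. The Ruff command at new line 34 also drops `--preview`, so confirm the shorter `poetry run ruff check .` still applies the same rule set the project lints with. Wording: new line 34 should read "I have run Ruff", and new line 37 "sources that describe the added technique".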
Lines changed: 51 additions & 0 deletions
@@ -0,0 +1,51 @@
1+
name: PR Template Check
2+
3+
on:
4+
pull_request:
5+
types: [opened, edited]
6+
7+
jobs:
8+
check-template:
9+
runs-on: ubuntu-latest
10+
permissions:
11+
pull-requests: write
12+
steps:
13+
- name: Check PR description for template sections
14+
uses: actions/github-script@v7
15+
with:
16+
script: |
17+
const body = context.payload.pull_request.body || '';
18+
const requiredSections = [
19+
'## Description',
20+
'## Type of change',
21+
'## Setup guide for the review',
22+
'## Checklist'
23+
];
24+
25+
const missingSections = requiredSections.filter(
26+
section => !body.includes(section)
27+
);
28+
29+
if (missingSections.length === 0) return;
30+
31+
// Check if we already left a comment to avoid spamming
32+
const comments = await github.rest.issues.listComments({
33+
owner: context.repo.owner,
34+
repo: context.repo.repo,
35+
issue_number: context.payload.pull_request.number
36+
});
37+
38+
const botComment = comments.data.find(
39+
c => c.user.type === 'Bot' && c.body.includes('<!-- pr-template-check -->')
40+
);
41+
42+
if (botComment) return;
43+
44+
const missing = missingSections.map(s => `- ${s}`).join('\n');
45+
46+
await github.rest.issues.createComment({
47+
owner: context.repo.owner,
48+
repo: context.repo.repo,
49+
issue_number: context.payload.pull_request.number,
50+
body: `<!-- pr-template-check -->\nIt looks like the PR template may not have been filled out. The following sections appear to be missing:\n\n${missing}\n\nPlease edit your PR description to include them. The template helps reviewers understand and test your changes. Thanks!`
51+
});
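
Review bot: with the `pull_request` trigger at line 4, the `GITHUB_TOKEN` is read-only for pull requests opened from forks regardless of `pull-requests: write` at lines 10-11, so `createComment` at line 46 will fail with a 403 for the external contributors this check is aimed at. Either catch that failure and fall back to a failing check with the message in the job log, or move to `pull_request_target`, which is acceptable here only as long as the job keeps reading `context.payload.pull_request.body` and never checks out or executes code from the PR. Two smaller points: `actions/github-script@v7` at line 14 is a mutable tag, and pinning it to a full commit SHA is the safer choice for a job that holds a write token; `listComments` at line 32 returns only the first page, so the `<!-- pr-template-check -->` lookup at line 39 can miss an existing comment on a long thread and post a duplicate.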

nxc/modules/spider_plus.py

Lines changed: 10 additions & 13 deletions
@@ -1,7 +1,8 @@
11
import json
22
import errno
3-
from os.path import abspath, join, split, exists, splitext, getsize, sep
3+
from os.path import abspath, join, exists, splitext, getsize
44
from os import makedirs, remove, stat
5+
from pathlib import Path, PurePosixPath
56
import time
67
from nxc.helpers.misc import CATEGORY
78
from nxc.paths import NXC_PATH
@@ -167,19 +168,15 @@ def read_chunk(self, remote_file, chunk_size=CHUNK_SIZE):
167168
def get_file_save_path(self, remote_file):
168169
r"""Processes the remote file path to extract the filename and the folder path where the file should be saved locally.
169170
170-
It converts forward slashes (/) and backslashes (\) in the remote file path to the appropriate path separator for the local file system.
171-
The folder path and filename are then obtained separately.
171+
Creates a PurePosixPath and replaces UNC parts, then cleans it of any path traversal (see issue #1120)
172172
"""
173-
# Remove the backslash before the remote host part and replace slashes with the appropriate path separator
174-
remote_file_path = str(remote_file)[2:].replace("/", sep).replace("\\", sep)
175-
176-
# Split the path to obtain the folder path and the filename
177-
folder, filename = split(remote_file_path)
178-
179-
# Join the output folder with the folder path to get the final local folder path
180-
folder = join(self.output_folder, folder)
181-
182-
return folder, filename
173+
self.logger.debug(f"Remote file: {remote_file}")
174+
raw_path = PurePosixPath(remote_file._RemoteFile__share, remote_file._RemoteFile__fileName.replace("\\", "/"))
175+
self.logger.debug(f"Raw path: {remote_file}")
176+
clean_parts = [p for p in raw_path.parts if p not in ("..", ".")]
177+
resolved = Path(self.output_folder).joinpath(self.host, *clean_parts)
178+
self.logger.debug(f"Resolved path: {resolved}")
179+
return str(resolved.parent), resolved.name
183180

184181
def spider_shares(self):
185182
"""Enumerates all available shares for the SMB connection, spiders through the readable shares, and saves the metadata of the shares to a JSON file"""
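
Review bot: the filter at new line 176 removes `..` and `.` but keeps a root part, and that is enough to leave the output folder. If `__fileName` (or the share name) ever begins with a backslash or slash, `PurePosixPath(share, "/dir/file")` discards the share and yields parts `("/", "dir", "file")`; `Path(self.output_folder).joinpath(self.host, "/", ...)` then resets to the filesystem root. Strip leading separators or add the root to the excluded parts, and add a final containment check before returning, for example that `resolved.resolve()` is relative to `Path(self.output_folder).resolve()`, so any case the part filter misses is refused rather than written. Separately, line 175 logs `{remote_file}` under the label "Raw path" where `{raw_path}` was presumably intended, and reading the name-mangled `_RemoteFile__share` / `_RemoteFile__fileName` attributes at line 174 will break silently if the class is renamed; an accessor on `RemoteFile` would be sturdier.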
