💡 [REQUEST] - Generic environment variables in page yaml #29

@blaisebits

Implementation PR

No response

Reference Issues

No response

Summary

In my current configuration, the CLI is running in Docker, so when referencing the ${cwd} magic variable it references the path in the container. Examining the code showed where this substitution takes place:

Ok(text.replace("${cwd}", base_path.as_ref()))

It would be great if secondary processing took place to check for environment variables and substitute those as well.

Basic Example

Using a modified version of the GoBuster page to use a specific wordlist from a directory on the host at ~/project/robopages/data:

description: >
  Gobuster is a tool used for brute-force discovery of URIs (directories and files) in web sites, DNS subdomains (with wildcard support), Virtual Host names on target web servers, Open Amazon S3 buckets, Open Google Cloud buckets, TFTP servers

functions:
  gobuster_directory_brute_force:
    description: Perform a web server directory brute force to find hidden files and folders
    parameters:
      target:
        type: string
        description: The URL against which to perform brute force scan.
        examples:
          - http://www.example.com
          - https://supersight.totallyawesome.com

    container:
      force: true
      platform: linux/amd64
      image: ghcr.io/oj/gobuster:latest
      args:
        - --net=host
      volumes:
        - $WORKINGDIR/data:/data

    cmdline:
      - gobuster
      - dir
      - -t
      - '20'
      - --no-color
      - --quiet
      - --no-progress
      - -w
      - /data/wordlists/web/quickhits.txt
      - -z
      - --no-color
      - -b
      - '404,403'
      - -u
      - ${target}

The ideal behavior would be, when launching the server in Docker, to pass in the option -e WORKINGDIR=$PWD to pass the PWD as the WORKINGDIR environment variable to then be used when spinning up the GoBuster container to correctly reference the wordlist.

Drawbacks

I don't know Rust or I'd do it myself. Please don't hate me. We can still be friends.

Unresolved questions

No response
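
An added sketch of the secondary substitution pass requested above (not code from the issue or from the project): the `expand` helper, its signature and the allowlist are hypothetical. It leaves unknown names such as `${target}` for the later parameter substitution and rejects an empty value, because an empty `WORKINGDIR` would turn `$WORKINGDIR/data:/data` into a mount of the host's `/data`.

```rust
use std::collections::HashMap;

/// Hypothetical helper: expand `${cwd}`, then `$NAME` / `${NAME}` for names present in `env`.
/// Names not in `env` are copied through unchanged.
pub fn expand(text: &str, cwd: &str, env: &HashMap<String, String>) -> Result<String, String> {
    let text = text.replace("${cwd}", cwd); // same first pass as the line quoted in the issue
    let chars: Vec<char> = text.chars().collect();
    let mut out = String::with_capacity(text.len());
    let mut i = 0;
    while i < chars.len() {
        if chars[i] != '$' {
            out.push(chars[i]);
            i += 1;
            continue;
        }
        let braced = chars.get(i + 1) == Some(&'{');
        let start = if braced { i + 2 } else { i + 1 };
        let mut end = start;
        while end < chars.len() && (chars[end].is_ascii_alphanumeric() || chars[end] == '_') {
            end += 1;
        }
        let closed = !braced || chars.get(end) == Some(&'}');
        let name: String = chars[start..end].iter().collect();
        match env.get(&name) {
            Some(v) if closed => {
                // An empty value would silently change which host path gets mounted.
                if v.is_empty() {
                    return Err(format!("{} is set but empty", name));
                }
                out.push_str(v);
                i = if braced { end + 1 } else { end };
            }
            // Unknown name or unterminated brace: keep the text literally.
            _ => {
                out.push('$');
                i += 1;
            }
        }
    }
    Ok(out)
}

fn main() {
    // Only allowlisted names are copied from the process environment (assumed policy).
    let allow = ["WORKINGDIR"];
    let env: HashMap<String, String> = allow.iter()
        .filter_map(|n| std::env::var(n).ok().map(|v| (n.to_string(), v)))
        .collect();
    println!("{:?}", expand("$WORKINGDIR/data:/data", "/app", &env));
}
```

Passing the map in, rather than reading the whole process environment inside `expand`, keeps variables the operator did not name out of container arguments and volume specs.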
