Exegol-history v2

[lap1nou]

Description

Hello,

I'm adding a tool that I wrote called dbassets (https://github.com/lap1nou/db-assets), it can be useful to manage compromised assets (credentials / hosts) informations and store them in an env variable ($USER, $PASSWORD, ...)

Feel free to close the PR if you already have something in progress for that.

Related issues

#40

Point of attention

N / A

[ShutdownRepo]

Love the PR, here's a change to make imo
Also, wouldn't it be interesting to add an alias like dbshow to list the values so that a user can check them before running a command?

[ShutdownRepo]

Also, what do you think about changing the prompt if $USER and $DOMAIN are not empty?
see for reference the screenshot at #40 (comment)

[lap1nou]

Hey,

Thank you for your feedback, I think this commit should do the trick.

[ShutdownRepo]

this change and we should be good to go in my opinion

[lap1nou]

@ShutdownRepo Also wouldn't that be better to pin the version of the package using pipx install --system-site-packages git+https://github.com/lap1nou/db-assets@1.0 ? In case I got compromised or some shit like that

[ShutdownRepo]

Lgtm

@ShutdownRepo Also wouldn't that be better to pin the version of the package using pipx install --system-site-packages git+https://github.com/lap1nou/db-assets@1.0 ? In case I got compromised or some shit like that

Not sure this is the best move, because if we were to do that on all tools, we'd have a serious problem in keeping tools up to date
Imo, we should rather work on another set of checks, for all tools, to limit risks

[gbe]

I am afraid that using USER, PASSWORD, ... may be too much generic and get in conflict with user-defined variables.
Maybe DBUSER, DBPASSWORD, ... would be less problematic.

Edit: But of course, using USER and PASSWORD are interesting to be in line with the commands in zsh_history.

Edit2: Or maybe add a way to revert the variables to what was defined by the user. But maybe that's already what dbassets offers.

@ShutdownRepo any thoughts?

[ShutdownRepo]

I am afraid that using USER, PASSWORD, ... may be too much generic and get in conflict with user-defined variables. Maybe DBUSER, DBPASSWORD, ... would be less problematic.

But of course, using USER and PASSWORD are interesting to be in line with the commands in zsh_history.

@ShutdownRepo any thoughts?

That's the purpose of this PR 😁 to improve on the current Exegol-history management which basically consists in a profile.sh file in /opt/tools/Exegol-history/
With this PR, users will be able to edit that with DBAssets

[lap1nou]

I moved the install function after the pipx install, this should fix the pipeline.

[qu35t-code]

In my opinion we can keep exegol_history, it does not change much and can allow users who use it to not be lost or dependent on dbasssets.