From 26e2a084679679cccdeeabbb6889ce120eff7e50 Mon Sep 17 00:00:00 2001
From: Mohamed Dief
Date: Thu, 25 Feb 2021 12:32:33 +0200
Subject: [PATCH] Fixing Command Injection Issues.

---
 app.py | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/app.py b/app.py
index d754337..43b1517 100644
--- a/app.py
+++ b/app.py
@@ -95,6 +95,10 @@ async def ip(ctx , *, argument):
 @Client.command()
 async def dirsearch(ctx , *, argument):
+ if not CommandInjection.commandInjection(argument=argument , RCE=RCE):
+ await ctx.send("**Your Command Contains Unallowed Chars. Don't Try To Use It Again.**")
+ return
+
 Path = TOOLS['dirsearch']; MainPath = getcwd(); chdir(Path)
 await ctx.send(f"**Running Your Dirsearch Scan, We Will Send The Results When It's Done**")
 Process = subprocess.Popen(f'python3 dirsearch.py -u {argument} -e * -b' , shell=True,stdout=subprocess.PIPE,stderr=subprocess.STDOUT)
@@ -115,6 +119,10 @@ async def dirsearch(ctx , *, argument):
 @Client.command()
 async def arjun(ctx , *, argument):
+ if not CommandInjection.commandInjection(argument=argument , RCE=RCE):
+ await ctx.send("**Your Command Contains Unallowed Chars. Don't Try To Use It Again.**")
+ return
+
 Path = TOOLS['arjun']; MainPath = getcwd(); chdir(Path)
 await ctx.send(f"**Running Your Arjun Scan, We Will Send The Results When It's Done**")
 await ctx.send(f"**Note: The Bot Won't Respond Until The Scan is Done. All Of Your Commands Now Will Be Executed After This Process is Done.")
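Review bot: The added `CommandInjection.commandInjection(...)` guard in `dirsearch` is a character denylist placed in front of a command that is still assembled by f-string and run with `shell=True` (the `subprocess.Popen(f'python3 dirsearch.py -u {argument} -e * -b' , shell=True, ...)` context line), so safety rests entirely on that list being complete; neither its implementation nor the `RCE` value is visible in this patch. Passing an argument vector without a shell removes that dependency: `subprocess.Popen(['python3', 'dirsearch.py', '-u', argument, '-e', '*', '-b'], stdout=subprocess.PIPE, stderr=subprocess.STDOUT)`. Because `argument` captures the whole rest of the chat message, it should also be validated against an allowlist (for example a parsed http/https URL that does not begin with `-`) so the tool cannot read it as extra options. The same applies to the `arjun` hunk, whose process call lies outside the hunk and presumably follows the same pattern; both function bodies continue past the lines shown.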