diff --git a/bbot/modules/filedownload.py b/bbot/modules/filedownload.py
index 35287252b..79cb78f90 100644
--- a/bbot/modules/filedownload.py
+++ b/bbot/modules/filedownload.py
@@ -177,7 +177,9 @@ def make_filename(self, url, content_type=None):
 if extension:
 filename = f"{filename}.{extension}"
 orig_filename = f"{orig_filename}.{extension}"
- return orig_filename, self.download_dir / filename, base_url
+ file_destination = self.download_dir / filename
+ file_destination = self.helpers.truncate_filename(file_destination)
+ return orig_filename, file_destination, base_url
 async def report(self):
 if self.files_downloaded > 0:
diff --git a/bbot/modules/gowitness.py b/bbot/modules/gowitness.py
index 361d6b2c5..d1b152cfd 100644
--- a/bbot/modules/gowitness.py
+++ b/bbot/modules/gowitness.py
@@ -143,6 +143,7 @@ async def handle_batch(self, *events):
 final_url = screenshot["final_url"]
 filename = self.screenshot_path / screenshot["filename"]
 filename = filename.relative_to(self.scan.home)
+ # NOTE: this prevents long filenames from causing problems in BBOT, but gowitness will still fail to save it.
 filename = self.helpers.truncate_filename(filename)
 webscreenshot_data = {"path": str(filename), "url": final_url}
 parent_event = event_dict[url]
diff --git a/bbot/test/test_step_2/module_tests/test_module_filedownload.py b/bbot/test/test_step_2/module_tests/test_module_filedownload.py
index 51d25988d..6e046aa47 100644
--- a/bbot/test/test_step_2/module_tests/test_module_filedownload.py
+++ b/bbot/test/test_step_2/module_tests/test_module_filedownload.py
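Review bot: Shortening the destination in `make_filename` (bbot/modules/filedownload.py) can break the uniqueness of the on-disk name: if `truncate_filename` trims the tail of the stem, two long URLs that share a prefix would resolve to the same `file_destination` and the later download would overwrite the earlier one; whether the extension appended just above survives the cut is also not visible here. Because the name is derived from a remote URL, the contract is worth stating next to the call, e.g. `# name comes from the remote URL: cap its length so the write cannot fail; truncate_filename is expected to keep the suffix`. `orig_filename` is returned untruncated, which is fine only if callers never use it as a path component. The function starts above this hunk, so how `filename` is built is not shown.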
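Review bot: The NOTE added in `handle_batch` (bbot/modules/gowitness.py) records that gowitness may not have written the screenshot, yet `webscreenshot_data` is still built with the truncated `path`, so consumers can receive a WEBSCREENSHOT event that points at a file which is not on disk. Consider checking for the file before the event is built and logging or skipping when it is absent, and let the comment say what follows from it, e.g. `# NOTE: ... gowitness will still fail to save it, so the path below may not exist`. The rest of `handle_batch` lies outside the hunk, so an existing check further down cannot be ruled out.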
@@ -60,3 +60,28 @@ def check(self, module_test, events):
 # we don't want html files
 html_files = list(download_dir.glob("*.html"))
 assert len(html_files) == 0, "HTML files were erroneously downloaded"
+
+
+class TestFileDownloadLongFilename(TestFileDownload):
+ async def setup_after_prep(self, module_test):
+ module_test.set_expect_requests(
+ {"uri": "/"},
+ {
+ "response_data": ''
+ },
+ )
+ module_test.set_expect_requests(
+ {
+ "uri": "/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity.txt"
+ },
+ {
+ "response_data": "juicy stuff",
+ },
+ )
+
+ def check(self, module_test, events):
+ filesystem_events = [e for e in events if e.type == "FILESYSTEM"]
+ assert len(filesystem_events) == 1
+ file_path = Path(filesystem_events[0].data["path"])
+ assert file_path.is_file(), f"File not found at {file_path}"
+ assert file_path.read_text() == "juicy stuff", f"File at {file_path} does not contain the correct content"
diff --git a/bbot/test/test_step_2/module_tests/test_module_gowitness.py b/bbot/test/test_step_2/module_tests/test_module_gowitness.py
index 205b482f4..a41b4c7aa 100644
--- a/bbot/test/test_step_2/module_tests/test_module_gowitness.py
+++ b/bbot/test/test_step_2/module_tests/test_module_gowitness.py
@@ -1,3 +1,5 @@
+from pathlib import Path
+
 from .base import ModuleTestBase
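Review bot: `TestFileDownloadLongFilename.check` in test_module_filedownload.py verifies that the file was written and holds the expected content, but never asserts that the stored name was actually shortened, so the test does not pin the behaviour this commit adds. Adding `assert len(file_path.name.encode()) <= 255` (or whatever limit `truncate_filename` enforces) together with `assert file_path.suffix == ".txt"` would catch a regression in the helper on filesystems that happen to accept longer names. `Path` is used here without an import in this hunk, so it has to be imported at the top of that file already, which is outside the view.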
@@ -108,11 +110,16 @@ class TestGoWitnessLongFilename(TestGowitness):
 """
 Make sure long filenames are truncated properly
 """
- targets = ["http://127.0.0.1:8888/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity"]
+
+ targets = [
+ "http://127.0.0.1:8888/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity"
+ ]
 config_overrides = {"file_blobs": True}
 async def setup_after_prep(self, module_test):
- request_args = {"uri": "/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity"}
+ request_args = {
+ "uri": "/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity/blacklanternsecurity"
+ }
 respond_args = {
 "response_data": "BBOT is lifeBBOT is life",
 "headers": {"Server": "Apache/2.4.41 (Ubuntu)"},
@@ -122,3 +129,7 @@ async def setup_after_prep(self, module_test):
 def check(self, module_test, events):
 webscreenshots = [e for e in events if e.type == "WEBSCREENSHOT"]
 assert webscreenshots, "failed to raise WEBSCREENSHOT events"
+ assert len(webscreenshots) == 1
+ webscreenshot = webscreenshots[0]
+ filename = Path(webscreenshot.data["path"])
+ assert filename.exists()
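Review bot: In `check`, `filename.exists()` is evaluated on the raw `path` taken from the event, and gowitness.py builds that value with `filename.relative_to(self.scan.home)`, so unless the event layer rewrites it the assertion resolves against the test process's working directory rather than the scan home. Anchoring the path, for example `assert (module_test.scan.home / filename).is_file()`, would make the check independent of the cwd and also reject a directory. The assertion also sits uneasily with the NOTE this commit adds in gowitness.py, which says gowitness fails to save over-long names; a one-line comment on why the file is expected to exist for this URL would help the next reader.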