did same for usernames and passwords

pUrGe12 · pUrGe12 · commit f047501eafb9 · 2025-05-23T20:38:47.000+05:30
diff --git a/nettacker/api/engine.py b/nettacker/api/engine.py
@@ -7,6 +7,7 @@
 import time
 from threading import Thread
 from types import SimpleNamespace
+from pathlib import Path
 
 from flask import Flask, jsonify
 from flask import request as flask_request
@@ -249,6 +250,15 @@ def new_scan():
     form_values = dict(flask_request.form)
     raw_report_path_filename = form_values.get("report_path_filename")
 
+    if form_values.get("usernames") and Path(form_values.get("usernames")).is_file():
+        raw_username_filename = form_values.get("usernames")
+        form_values["usernames_list"] = str(raw_username_filename)
+        del form_values["usernames"]
+    if form_values.get("passwords") and Path(form_values.get("passwords")).is_file():
+        raw_password_filename = form_values.get("passwords")
+        form_values["passwords_list"] = str(raw_password_filename)
+        del form_values["passwords"]
+
     # Sanitizing this doesn't make sense because this will not
     # always start from nettacker's root directory.
     enum_path = form_values.get("custom_enum_file")
diff --git a/nettacker/web/static/index.html b/nettacker/web/static/index.html
@@ -295,13 +295,22 @@ <h3>Socks Proxy</h3>
                 <div class="form-group col-md-6">
                     <h3>Usernames</h3>
                     <textarea class="input-mini form-control" rows="8" cols="50" id="usernames"
-                              data-role="tagsinput" placeholder="separate with commas or new line">
-                    </textarea>
+                              placeholder="separate with commas or new line"></textarea>
+                    <br>
+                    <div class="input-group col-xs-5">
+                        <span class="input-group-addon">username file</span>
+                        <input id="username_file" type="text" class="form-control" placeholder="Enter username file path">
+                    </div>
                 </div>
                 <div class="form-group col-md-6">
                     <h3>Passwords</h3>
                     <textarea class="form-control" rows="8" cols="50" id="passwords"
                                placeholder="separate with commas or new line"></textarea>
+                    <br>
+                    <div class="input-group col-xs-5">
+                        <span class="input-group-addon">password file</span>
+                        <input id="password_file" type="text" class="form-control" placeholder="Enter password file path">
+                    </div>
                 </div>
                 <br>
             </div>
diff --git a/nettacker/web/static/js/main.js b/nettacker/web/static/js/main.js
@@ -376,6 +376,15 @@ $(document).ready(function () {
       graph_name = this.id;
     });
 
+    // If the user enters a filepath, use that, else the normal texts
+    var username_text = $("#usernames").val().trim();
+    var username_filepath = $("#username_file").val().trim(); 
+    var usernames_data = username_filepath !== "" ? username_filepath : username_text;
+
+    var password_text = $("#passwords").val().trim();
+    var password_filepath = $("#password_file").val().trim(); 
+    var passwords_data = password_filepath !== "" ? password_filepath : password_text;
+    
     // build post data
     var tmp_data = {
       targets: $("#targets").val(),
@@ -395,8 +404,8 @@ $(document).ready(function () {
       verbose_mode: $("#verbose_mode").val(),
       ports: $("#ports").val(),
       socks_proxy: $("#socks_proxy").val(),
-      usernames: $("#usernames").val(),
-      passwords: $("#passwords").val(),
+      usernames: usernames_data,
+      passwords: passwords_data,
       custom_enum_file: $("#enum_file").val(),
     };
 
