Tookie is a advanced OSINT information gathering tool. Prior to 4.1fix, modules/modules.py’s write_txt, write_csv, write_json, and (commented-but-shipping) scan_file helpers open their output as open(f”{user}.“), where user comes unsanitized from the -u CLI flag or any line of a -U usernames file. A username that contains path-separator sequences (.., /, , or an absolute path) causes tookie-osint to write the scan output to an arbitrary path the invoking user has write permission for. This vulnerability is fixed in 4.1fix.
We use cookies to ensure that we give you the best experience on our website. If you continue to use this site we will assume that you are happy with it.
