jobbin9422 / terminusdotnet Goto Github PK

this is exploitable by non root users btw https://cwe.mitre.org/data/definitions/250.html

Run !bash whoami and we expect to see termy who has minimal permissions. Run an example to see that we get elevated root permissions if we escape the rest of the command string

examples:

• !bash whoami && echo \\\
• !bash touch newFile.txt && echo \\\

solution:
parameterize with string.format or what ever is build into the process start info object.
Then remove this b/c it's no longer needed:

I don't even know where to start with this one. The whole set of code is garbage, but the low hanging fruit for optimizing this is setting it up to jumpqueue (after #24 is finished) and removing the backupqueue, so it fits more elegantly in the audio system instead of being some crappy black sheep I made as a meme. Bonus would be optimizing the scheduling system somehow, but I don't have an idea of how that's possible.

Adding this for tracking purposes, yea yea eya
Maybe it works but I've been spelling shuffle wrong or caps have creeped their way in

Context

Seems like adding shuffle to a !playlist command doesn't work question mark?
but it says we can do it 😤

Possible Fix

Does defining shuffle = false here set the default value? Or is this always false?

Everything else LGTM

OK that wont worry, have a nice day

so running !bash ps -A | grep ffmpeg results in command not found: ps -A | grep ffmpeg lol my b

Currently when you have an emote in a tweet, terminus just tweets the plain text of that emote, e.g. ":feelssogood:". It would be a really cool feature for him to be able to download the image of the emote from discord and put that in his tweet. This may be impossible because the emote might not embed properly, but it may be something to look into and see how the twitter api might support it.

This shouldn't be here, this is someone's IP 🤔

Sensitive data exposure BTW

The "meme" command in ImageModule is limited to one word for top and bottom text due to space delimiter. Also makes some pretty wacky results when quotes are used as input.

Parameterize the query string parameters so that the user cant query for something other than ticker

e.g. prevent this case !stonks TSLA&otherParam=true

Reference

Edit:

Found another one nvm this one is no cause for concern

I believe this is related to @ct-bess regex "optimizations", but the capture group for the 'er regex is no longer working properly.
Desired behavior: on saying "never", terminus should respond with "nev 'er? I hardly know 'er!"
Current behavior: on saying "never", terminus responds with "'er? I hardly know 'er!", clearly missing the capture group.

To a foreigner, assuming they have no idea what the original terminus is, would have no idea what terminusdotnet does without going through the source code/toying with the bot (invite link is non-existent; if it is on the repo, it should be easier to find). I suggest expanding the readme to the extent of what kind of things it does or at least give a hyperlink if there is explanatory text for the original terminus (reading the original terminus I couldn't find it's purpose other than the setup). To be fair, the original terminus in it's readme did have a sentence that explained it purpose, however, personally I think it is vague in the word 'react' which can mean many different things (can be ping/pong type, calculator, etc):

This project shows the capability of a bot to react to messages sent within a group.

TL;DR: readme should explain what the bot does and not just what it is.

Labels: enhancement documentation

Kindly add !hideki command

1. !hideki status: get the most recent @Hideki_Naganuma tweet
2. !hideki jams: play a Hideki Naganuma certified jam
3. !hideki: with no arguments responds to the user with UNDERSTAND UNDERSTAND

THNX

Much like !morrowind or !dmc this command will just paste a static image on top. Specifically the GIMP warning message when you try to resize an image into the giga bytes or tera byte range

🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️

Motivation

There are plenty of times where people don't possess the brain processing power to come up with good songs to add to the queue. The !playlist and !hideki commands are steps in the right direction, but this !radio command could be the true remedy.

Abstract

The !hideki command got me thinking it would be real neet if we could curate playlist(s) for Terminus to pull songs from.
I don't think users can be added as collaberators to a YouTube playlist, so here's a couple of ways around this:

1. There is 1 playlist that Terminus uses; 1 person adds songs to it that members request.

   This method will require more manual intervention to update the playlist, but less questionable songs will be added.

2. There are many member created playlists for Terminus to use

   This method will be more seamless but requires more work to pull off

Sample Command Usage

The following commands work for both implementations:

• !radio displays some usage information
• !radio continuous plays random songs from the playlist(s) continuously for a while ™️
• !radio rand plays a random song from the playlist(s)
• !radio 69 plays the 69th song in the playlist(s) (if it exists)
• !radio play "hideki naganuma" plays the 1st song whos title contains hideki naganuma
• !radio find "hideki naganuma" displays all songs whos title contains hideki naganuma
• !radio playlists display all playlists that are being used

The following commands require the many playlists for each member implementation:

• !radio rand @user plays a random song from @user's playlist
• !radio 69 @user plays the 69th song in @user's playlist (if it exists)
• !radio play "hideki naganuma" @user plays the 1st song whos title contains hideki naganuma from @user's playlist
• !radio find "hideki naganuma" @user displays all songs whos title contains hideki naganuma from @user's playlist
• !radio update @user https://playlist-url update @user's playlist to the given URL; Even if @user has no playlist

Other Thoughts

• @user portion could also accept me to pull from the message author's playlist

• @user could be substituted for a username to avoid notifying the at-ed user when someone runs this command

• play could be the subcommand to play a song to keep things consistent

  e.g. !radio play 69, !radio play "grant macdonald", !radio play rand

• Would be nice if we could add multiple random songs like !radio rand 5 to add 5 random songs

  This should be limited to adding no more than 5 or 10 songs

🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️ 🅱️

Accept Bean's messages into Terminus's advanced AI brain

Specifically for this use case:
-js for(let i=1; i < 12; ++i) console.log( '!play grocery' + i)

Thanks Dad

It would be nice to be able to force an item to the front of the music queue. This would include a base function that would put a song at the top of the queue, and include functions to add a song directly to the top of the queue (eg "!playnow" or !ytnow" that adds a song to the front and playnexts) and to move a song from the queue to the front (eg "!queuejump 22" puts item 22 in the queue into spot one).

Once this feature is implemented, it could be used in the weed function and could make the "backup queue" object obsolete, which would be a nice bit of optimization for the garbage code I wrote.

Ok but what if !reddit-moment could pull from unpopular opinions?

Sometimes we get an empty name from the youtube downloader, which makes the queue item populate with an empty name. Should be an easy case to handle if the name is empty, add some default name ("YouTube video" or even just the filename. Up to the discretion of whoever takes this issue).

Please make the !qload command respond with the message Big Load

Might be funny to plop this on top of an image, much like !morrowind and !dmc but with a giant picture of Keiskue and his RX7 witnessing the inertia drift