bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

nmapxml: don't use unnecessary temporary files

Browse source 
Instead of saving data to insecure temporary files created without
mktemp, simply echo them directly to the next stage of a pipeline.

Also reset the $software at the beginning of each round, to prevent
processing and then having to deduplicate many things, twice.
This commit is contained in:
Eli Schwartz 2018-10-04 13:54:06 -04:00
parent 05328d91a4
commit 66aaac8e63
No known key found for this signature in database
GPG key ID: CEB167EFB5722BD6
1 changed files with 4 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
searchsploit
View file

@ -346,9 +346,6 @@ function searchsploitout()
## Read XML file ## Read XML file
function nmapxml() function nmapxml()
{ {
## Remove any old traces
rm -f /tmp/searchsploit.{tmp,out}
## Feedback to the end user ## Feedback to the end user
echo -e "[i] Reading: '${FILE}'\n" echo -e "[i] Reading: '${FILE}'\n"
@ -368,29 +365,24 @@ function nmapxml()
## If we have already looped around and got something, save it before moving onto the current value ## If we have already looped around and got something, save it before moving onto the current value
if [[ "${software}" ]]; then if [[ "${software}" ]]; then
#searchsploitout #searchsploitout
echo "${software}" >> /tmp/searchsploit.out echo "${software}"
fi fi
## Something is better than nothing. Will just go on the default service that matches the port. e.g. domain ## Something is better than nothing. Will just go on the default service that matches the port. e.g. domain
software="${input}" software="${input}"
## Might not get any more than this, if -sV failed ## Might not get any more than this, if -sV failed
echo "${software}" > /tmp/searchsploit.tmp
;; ;;
"[PRODUCT]") "[PRODUCT]")
## We have a name, but no version (yet?) e.g. dnsmasq ## We have a name, but no version (yet?) e.g. dnsmasq
software="${input}" software="${input}"
echo "${software}" > /tmp/searchsploit.tmp
;; ;;
"[VERSION]") "[VERSION]")
software="${software} ${input}" software="${software} ${input}"
## Name & version. There isn't any more information to get, game over. e.g. dnsmasq 2.72 ## Name & version. There isn't any more information to get, game over. e.g. dnsmasq 2.72
echo "${software}" >> /tmp/searchsploit.out echo "${software}"
echo "" > /tmp/searchsploit.tmp software=
;; ;;
esac esac
done done | tr '[:upper:]' '[:lower:]' | awk '!x[$0]++' | while read software; do
## Read in from file (so there are no duplicates - ...but unable to print out IPs)
cat /tmp/searchsploit.out /tmp/searchsploit.tmp 2>/dev/null | tr '[:upper:]' '[:lower:]' | awk '!x[$0]++' | while read software; do
searchsploitout searchsploitout
done done
} }