From a30ebe3ca112e0ca2769c21e5bd15f61fb0239c4 Mon Sep 17 00:00:00 2001 From: Chris Baal Date: Mon, 12 Sep 2016 17:19:32 -0400 Subject: [PATCH 1/3] Add two flags for viewing exploits in terminal pager --- searchsploit | 24 +++++++++++++++++++++++- 1 file changed, 23 insertions(+), 1 deletion(-) diff --git a/searchsploit b/searchsploit index 2ae67c98a..e5257d464 100755 --- a/searchsploit +++ b/searchsploit @@ -23,8 +23,10 @@ progname="$( basename "$0" )" ## Default options COLOUR=1 +COPY_EXPLOIT=0 EDBID=0 EXACT=0 +EXAMINE=0 FILEPATH=1 GETPATH=0 JSON=0 @@ -69,6 +71,8 @@ function usage() echo " -t, --title Search just the exploit title (Default is title AND the file's path)." echo " -u, --update Update exploit database from git." echo " -w, --www Show URLs to Exploit-DB.com rather than local path." + echo " -x, --examine Examine exploit in terminal pager." + echo " -X Copy exploit to current path and then examine in terminal pager." echo " --colour Disable colour highlighting." echo " --id Display EDB-ID value rather than local path." echo @@ -150,6 +154,9 @@ for param in "$@"; do SCASE=1 elif [[ "${param}" == "--exact" ]]; then EXACT=1 + elif [[ "${param}" == "--examine" ]]; then + GETPATH=1 + EXAMINE=1 elif [[ "${param}" == "--help" ]]; then usage >&2 elif [[ "${param}" == "--json" ]]; then @@ -180,7 +187,7 @@ done ## Parse short arguments -while getopts "cehjoptuw" arg "${ARGS}"; do +while getopts "cehjoptuwxX" arg "${ARGS}"; do if [[ "${arg}" = "?" ]]; then usage >&2; fi @@ -194,6 +201,8 @@ while getopts "cehjoptuw" arg "${ARGS}"; do t) FILEPATH=0;; u) update;; w) WEBLINK=1;; + x) GETPATH=1; EXAMINE=1;; + X) GETPATH=1; EXAMINE=1; COPY_EXPLOIT=1;; esac shift $(( OPTIND - 1 )) done 
@@ -229,6 +238,19 @@ if [[ "${GETPATH}" -eq 1 ]]; then fi fi + if [[ "${EXAMINE}" -eq 1 ]]; then + if [[ "${COPY_EXPLOIT}" -eq 1 ]]; then + cp ${location} . && echo "Copied exploit to $(pwd)/" + fi + if [[ "${PAGER}" ]]; then + /bin/sh -c ${PAGER} ${location} + elif [[ -f "$(which pager 2> /dev/null)" ]]; then + pager ${location} + else + less ${location} + fi + fi + ## Done exit 0 else From 2ce9b3fd516d8e9dcf52313c88af97d365fd63f0 Mon Sep 17 00:00:00 2001 From: Chris Baal Date: Mon, 12 Sep 2016 17:42:29 -0400 Subject: [PATCH 2/3] Remove -X flag and replace with -m for mirror only --- searchsploit | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/searchsploit b/searchsploit index e5257d464..2e47e8ee8 100755 --- a/searchsploit +++ b/searchsploit @@ -72,7 +72,7 @@ function usage() echo " -u, --update Update exploit database from git." echo " -w, --www Show URLs to Exploit-DB.com rather than local path." echo " -x, --examine Examine exploit in terminal pager." - echo " -X Copy exploit to current path and then examine in terminal pager." + echo " -m, --mirror Mirror (Copy) exploit to current path." echo " --colour Disable colour highlighting." echo " --id Display EDB-ID value rather than local path." echo @@ -187,7 +187,7 @@ done ## Parse short arguments -while getopts "cehjoptuwxX" arg "${ARGS}"; do +while getopts "cehjmoptuwx" arg "${ARGS}"; do if [[ "${arg}" = "?" ]]; then usage >&2; fi @@ -196,13 +196,13 @@ while getopts "cehjoptuwxX" arg "${ARGS}"; do e) EXACT=1;; h) usage >&2;; j) JSON=1;; + m) COPY_EXPLOIT=1;; o) OVERFLOW=1;; p) GETPATH=1;; t) FILEPATH=0;; u) update;; w) WEBLINK=1;; x) GETPATH=1; EXAMINE=1;; - X) GETPATH=1; EXAMINE=1; COPY_EXPLOIT=1;; esac shift $(( OPTIND - 1 )) done 
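Review bot: In the `@@ -229,6 +238,19 @@` hunk, `/bin/sh -c ${PAGER} ${location}` does not run the pager on the file: with both expansions unquoted, `sh -c` takes only the first word of `PAGER` as the command string, and the remaining words, including the path, become `$0`, `$1`, … which that command never reads. A common setting such as `PAGER="less -R"` therefore starts `less` with no file at all. The unquoted `${location}` in this call and in `cp ${location} .`, `pager ${location}` and `less ${location}` is also word-split and glob-expanded by the shell. I would pass the path as a positional parameter, `/bin/sh -c "${PAGER} \"\$1\"" sh "${location}"`, quote `"${location}"` in the other three calls, and probe for the fallback with `command -v pager` rather than `which`. `location` is assigned outside the hunk, and patch 2/3 drops the `cp` line but keeps the pager branch unchanged, so the same point applies there.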
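Review bot: The usage text changed in patch 2/3 advertises `-m, --mirror`, but the only parsing change visible is the short option `m) COPY_EXPLOIT=1;;` in the `getopts` hunk. No hunk adds a `--mirror` branch to the long-argument loop the way patch 1/3 added `--examine`. Unless that branch already exists outside the shown hunks, `--mirror` will not set `COPY_EXPLOIT`. I would add `elif [[ "${param}" == "--mirror" ]]; then` followed by `COPY_EXPLOIT=1` next to the `--examine` branch.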
@@ -239,9 +239,6 @@ if [[ "${GETPATH}" -eq 1 ]]; then fi if [[ "${EXAMINE}" -eq 1 ]]; then - if [[ "${COPY_EXPLOIT}" -eq 1 ]]; then - cp ${location} . && echo "Copied exploit to $(pwd)/" - fi if [[ "${PAGER}" ]]; then /bin/sh -c ${PAGER} ${location} elif [[ -f "$(which pager 2> /dev/null)" ]]; then @@ -262,6 +259,13 @@ if [[ "${GETPATH}" -eq 1 ]]; then fi fi +if [[ "${COPY_EXPLOIT}" -eq 1 ]]; then + for exploit in $TAGS; do + find ${cvspath} -name ${exploit}'.*' -exec cp {} . \; -exec echo 'Copied {} to '$(pwd) \; + done + exit 0 +fi + ## If we are doing an exact match, do not check folder path. if [[ "${EXACT}" -eq 1 ]]; then From 51ac261a7f2382ce95047a3a512af6c730a995f8 Mon Sep 17 00:00:00 2001 From: Chris Baal Date: Mon, 12 Sep 2016 17:48:40 -0400 Subject: [PATCH 3/3] Adjust usage info and README to reflect new flags --- README.md | 2 ++ searchsploit | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 9ba9a008c..51b11bc20 100755 --- a/README.md +++ b/README.md @@ -23,11 +23,13 @@ Example: -e, --exact Perform an EXACT match on exploit title (Default is AND) [Implies "-t"]. -h, --help Show this help screen. -j, --json Show result in JSON format. + -m, --mirror Mirror (Copy) exploit to current path. -o, --overflow Exploit title's are allowed to overflow their columns. -p, --path Show the full path to an exploit (Copies path to clipboard if possible). -t, --title Search just the exploit title (Default is title AND the file's path). -u, --update Update exploit database from git. -w, --www Show URLs to Exploit-DB.com rather than local path. + -x, --examine Examine exploit in terminal pager. --colour Disable colour highlighting. --id Display EDB-ID value rather than local path. diff --git a/searchsploit b/searchsploit index 2e47e8ee8..cef096e83 100755 --- a/searchsploit +++ b/searchsploit 
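Review bot: In the `@@ -262,6 +259,13 @@` hunk, each word of `$TAGS` is pasted unquoted into `find ${cvspath} -name ${exploit}'.*'`, so a search term is treated as a glob rather than as a file name. The shell may expand it against the current directory before `find` runs, and a wildcard term makes `find` match far more files than intended, all of which are then copied into the working directory. `cp {} .` also overwrites a same-named file there without asking, so it is worth deciding whether that is intended; `${cvspath}` and `$(pwd)` are unquoted as well. If mirror is meant to take EDB-IDs, I would reject non-numeric tags and quote the expansions, as sketched below. `TAGS` and `cvspath` are defined outside the hunk, so the ID assumption should be confirmed against how they are built.

```shell
  for exploit in ${TAGS}; do
    ## Only numeric EDB-IDs reach find, so a search term cannot act as a glob
    if [[ ! "${exploit}" =~ ^[0-9]+$ ]]; then
      echo "Skipping '${exploit}': not an EDB-ID" >&2
      continue
    fi
    find "${cvspath}" -type f -name "${exploit}.*" \
      -exec cp {} . \; -exec echo "Copied {} to $(pwd)" \;
  done
  ## … unchanged: exit 0 and closing fi …
```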
@@ -66,13 +66,13 @@ function usage()
 echo " -e, --exact Perform an EXACT match on exploit title (Default is AND) [Implies \"-t\"]."
 echo " -h, --help Show this help screen."
 echo " -j, --json Show result in JSON format."
+ echo " -m, --mirror Mirror (Copy) exploit to current path."
 echo " -o, --overflow Exploit title's are allowed to overflow their columns."
 echo " -p, --path Show the full path to an exploit (Copies path to clipboard if possible)."
 echo " -t, --title Search just the exploit title (Default is title AND the file's path)."
 echo " -u, --update Update exploit database from git."
 echo " -w, --www Show URLs to Exploit-DB.com rather than local path."
 echo " -x, --examine Examine exploit in terminal pager."
- echo " -m, --mirror Mirror (Copy) exploit to current path."
 echo " --colour Disable colour highlighting."
 echo " --id Display EDB-ID value rather than local path."
 echo