Improved bash, more help, less bugs, and cleaner output

g0tmi1k 2020-04-30 17:10:35 +01:00
parent 830465d5a9
commit a2a942ae0a


@ -1,6 +1,6 @@
#!/bin/bash #!/bin/bash
# Name: SearchSploit - Exploit-DB's CLI search tool # Name: SearchSploit - Exploit-DB's CLI search tool
# Version: 4.1.0 (2020-04-27) # Version: 4.1.0 (2020-04-30)
# Written by: Offensive Security, Unix-Ninja, and g0tmi1k # Written by: Offensive Security, Unix-Ninja, and g0tmi1k
# Homepage: https://github.com/offensive-security/exploitdb # Homepage: https://github.com/offensive-security/exploitdb
# Manual: https://www.exploit-db.com/searchsploit # Manual: https://www.exploit-db.com/searchsploit
@ -41,8 +41,10 @@ CASE_TAG_GREP="-i"
CASE_TAG_FGREP="tolower" CASE_TAG_FGREP="tolower"
AWK_SEARCH="" AWK_SEARCH=""
FUZZY_SEARCH="" FUZZY_SEARCH=""
VERSION=
COLOUR_OFF_GREP= COLOUR_OFF_GREP=
COLOUR_ON_GREP= COLOUR_ON_GREP=
REGEX_GREP=
## Check if our grep supports --color ## Check if our grep supports --color
@ -51,6 +53,13 @@ if grep --help 2>&1 | grep "[-]-color" >/dev/null 2>&1 ; then
COLOUR_ON_GREP="--color=always" COLOUR_ON_GREP="--color=always"
fi fi
## Check if our grep supports ---perl-regexp
if grep --help 2>&1 | grep "[-]-perl-regexp" >/dev/null 2>&1 ; then
REGEX_GREP="-P"
else
REGEX_GREP="-E"
fi
## Set LANG variable to avoid illegal byte sequence errors ## Set LANG variable to avoid illegal byte sequence errors
LANG=C LANG=C
@ -66,8 +75,10 @@ function usage() {
echo " ${progname} afd windows local" echo " ${progname} afd windows local"
echo " ${progname} -t oracle windows" echo " ${progname} -t oracle windows"
echo " ${progname} -p 39446" echo " ${progname} -p 39446"
echo " ${progname} linux kernel 3.2 -s --exclude=\"(PoC)|/dos/\"" echo " ${progname} linux kernel 3.2 --exclude=\"(PoC)|/dos/\""
echo " ${progname} -s Apache Struts 2.0.0"
echo " ${progname} linux reverse password" echo " ${progname} linux reverse password"
echo " ${progname} -j 55555 | json_pp"
echo "" echo ""
echo " For more examples, see the manual: https://www.exploit-db.com/searchsploit" echo " For more examples, see the manual: https://www.exploit-db.com/searchsploit"
echo "" echo ""
@ -430,24 +441,9 @@ function buildterms() {
## Some regex to try and detect version ## Some regex to try and detect version
## Basic: major.minor[.build][.revision] // major.minor[.maintenance][.build] -- example: 1.2.3.4) ## Basic: major.minor[.build][.revision] // major.minor[.maintenance][.build] -- example: 1.2.3.4)
## Plus alphanumeric (e.g. alpha, beta): 1a, 2.2b, 3.3-c, 4.4-rc4, 5.5-r ## Plus alphanumeric (e.g. alpha, beta): 1a, 2.2b, 3.3-c, 4.4-rc4, 5.5-r
if echo "${tag_in}" | grep -Eq "^(\d+)(\.?\d*)(\.?\d*)((\.|\-)?(\w*))$"; then if ! echo "${tag_in}" | grep ${REGEX_GREP} -q "^(\d+)(\.?\d*)(\.?\d*)((\.|\-)?(\w*))$"; then
## 1.2.3-4abc
VERSION=$( echo "${tag_in}" | grep -Eo "^(\d+)(\.?\d*)(\.?\d*)((\.|\-)?(\w*))$" )
[[ -n "${VERSION}" ]] && [[ "${VERBOSE}" -eq 1 ]] \
&& echo "[i] Version ID: ${VERSION}"
## 1.2.3-4
CLEANVERSION=$( echo "${tag_in}" | grep -Eo "^(\d*\.?)(\d*\.?)(\d*\.?)((\.|\-)?(\d+))" )
if [[ -n "${CLEANVERSION}" ]] && [[ "${CLEANVERSION}" != "${VERSION}" ]]; then
VERSION="${CLEANVERSION}"
[[ "${VERBOSE}" -eq 1 ]] \
&& echo "[i] Clean ID: ${VERSION}"
fi
else
FUZZY_SEARCH="${FUZZY_SEARCH} | grep ${COLOUR_OFF_GREP} -F ${CASE_TAG_GREP} \"${tag_in}\"" FUZZY_SEARCH="${FUZZY_SEARCH} | grep ${COLOUR_OFF_GREP} -F ${CASE_TAG_GREP} \"${tag_in}\""
fi fi
## Search just the title, NOT the path ("-t"/"-e") ## Search just the title, NOT the path ("-t"/"-e")
else else
## If there is already a value, prepend text to get ready ## If there is already a value, prepend text to get ready
@ -457,7 +453,7 @@ function buildterms() {
## Escape any slashes ## Escape any slashes
tag_in="$( echo ${tag_in} | sed 's_/_\\/_g' )" tag_in="$( echo ${tag_in} | sed 's_/_\\/_g' )"
## Case sensitive ("-c")? ## Case sensitive ("-c")
if [[ "${SCASE}" -eq 1 ]]; then if [[ "${SCASE}" -eq 1 ]]; then
AWK_SEARCH="${AWK_SEARCH}${tag_in}" AWK_SEARCH="${AWK_SEARCH}${tag_in}"
else else
@ -520,7 +516,8 @@ function findresults() {
## Dynamically set column widths to the current screen size ## Dynamically set column widths to the current screen size
[[ "${WEBLINK}" -eq 1 ]] \ [[ "${WEBLINK}" -eq 1 ]] \
&& COL2=45 \ && COL2=45 \
|| COL2=$(( ${#path_in} + 21 )) || COL2=$(( 34 )) ## Max length + 2 ~ $ find . ! -path '*/.*' -type f | awk '{ print length, $0 }' | sort -n -s | cut -d" " -f2- | tail -n 1
#|| COL2=$(( ${#path_in} + 21 ))
COL1=$(( $( tput cols ) - COL2 - 1 )) COL1=$(( $( tput cols ) - COL2 - 1 ))
@ -538,17 +535,8 @@ function findresults() {
&& SEARCH="${SEARCH} | grep -vEi '${EXCLUDE}'" && SEARCH="${SEARCH} | grep -vEi '${EXCLUDE}'"
## Did we manage to detect the version? ## Are we doing a fuzzy search & did we manage to detect the version
if [[ "${FUZZY}" -eq 1 ]] && [[ -z "${VERSION}" ]] && [[ "${VERBOSE}" -eq 1 ]]; then if [[ "${FUZZY}" -eq 1 ]] && [[ -n "${VERSION}" ]]; then
echo "[i] Unable to detect version in terms: ${TAGS}" 1>&2
echo "[i] Disabling '${progname} -f'" 1>&2
elif [[ "${FUZZY}" -eq 1 ]]; then
## Check to see if sort is supported
echo | sort -V 2>/dev/null >/dev/null
if [ $? -ne "0" ]; then
echo "[-] 'sort' doesn't support '-V'" 1>&2
echo "[-] Disabling '${progname} -f'" 1>&2
else
## SubShells - http://mywiki.wooledge.org/BashFAQ/024 ## SubShells - http://mywiki.wooledge.org/BashFAQ/024
while IFS= read -r TITLE; do while IFS= read -r TITLE; do
while IFS= read -r RANGE; do while IFS= read -r RANGE; do
@ -573,7 +561,7 @@ function findresults() {
fi fi
done < <( done < <(
echo "${TITLE}" \ echo "${TITLE}" \
| grep -Eo "((\d+)(\.?\d*)(\.?\d*)((\.|\-)?(\d|x)*)(\s*))?((<|>)=?)(\s*)(\d+)(\.?\d*)(\.?\d*)((\.|\-)?(\d|x)*)" \ | grep ${REGEX_GREP} -o "((\d+)(\.?\d*)(\.?\d*)((\.|\-)?(\d|x)*)(\s*))?((<|>)=?)(\s*)(\d+)(\.?\d*)(\.?\d*)((\.|\-)?(\d|x)*)" \
| sed 's_=__; s_>_<_' | sed 's_=__; s_>_<_'
) )
## Do the same search (just without the version) & loop around all the exploit titles (as thats where the versions are) ## Do the same search (just without the version) & loop around all the exploit titles (as thats where the versions are)
@ -602,7 +590,6 @@ function findresults() {
eval "${FUZZY_SEARCH}" eval "${FUZZY_SEARCH}"
) )
fi fi
fi
## Magic search Fu + strip double quotes ## Magic search Fu + strip double quotes
@ -649,9 +636,9 @@ function findresults() {
## Default view ## Default view
else else
OUTPUT="$( echo "${OUTPUT}" \ OUTPUT="$( echo "${OUTPUT}" \
| sed 's_,exploits/_,_; s_,shellcodes/_,_; s_,papers/_,_' \
| awk -F ',' '{ printf "%-'${FORMAT_COL1}'s | %.'${FORMAT_COL2}'s\n", $3, $2 }' \ | awk -F ',' '{ printf "%-'${FORMAT_COL1}'s | %.'${FORMAT_COL2}'s\n", $3, $2 }' \
| sort -f )" | sort -f )"
#| sed 's_,exploits/_,_; s_,shellcodes/_,_; s_,papers/_,_' \
fi fi
@ -683,8 +670,9 @@ function printresults() {
else else
echo "| Path" echo "| Path"
#echo " > Results (0)" #echo " > Results (0)"
printf "%-${COL1}s " #
echo "| (${path_in}/)" #printf "%-${COL1}s "
#echo "| (${path_in}/)"
fi fi
drawline drawline
fi fi
@ -885,7 +873,7 @@ fi
## Print the full path. If pbcopy/xclip is available then copy to the clipboard ## Print the full path. If pbcopy/xclip is available then copy to the clipboard
if [[ "${GETPATH}" -eq 1 ]]; then if [[ "${GETPATH}" -eq 1 ]]; then
for exploit in $( echo ${TAGS} ); do for exploit in ${TAGS}; do
## Get EDB-ID from input ## Get EDB-ID from input
edbdb="$( echo ${exploit} | rev | cut -d '/' -f1 | rev | cut -d'-' -f1 | cut -d'.' -f1 | tr -dc '0-9' )" edbdb="$( echo ${exploit} | rev | cut -d '/' -f1 | rev | cut -d'-' -f1 | cut -d'.' -f1 | tr -dc '0-9' )"
@ -987,23 +975,66 @@ fi
## Are we are doing an exact match ("-e")? If so, do NOT check folder path (Implies "-t"). ## Are we are doing an exact match ("-e")? If so, do NOT check folder path (Implies "-t").
if [[ "${EXACT}" -eq 1 ]]; then [[ "${EXACT}" -eq 1 ]] \
FILEPATH=0 && FILEPATH=0
fi
## Case sensitive? ## Case sensitive ("-c"), remove the default flags
if [[ "${SCASE}" -eq 1 ]]; then [[ "${SCASE}" -eq 1 ]] \
## Remove the default flags && CASE_TAG_GREP="" \
CASE_TAG_GREP="" && CASE_TAG_FGREP=""
CASE_TAG_FGREP=""
fi
## Remove leading space ## Remove leading space
TAGS="$( echo ${TAGS} | sed -e 's/^[[:space:]]//' )" TAGS="$( echo ${TAGS} | sed -e 's/^[[:space:]]//' )"
## Check to see if the version of "sort" is supported
echo | sort -V 2>/dev/null >/dev/null
if [ $? -ne "0" ]; then
echo "[-] 'sort' doesn't support '-V'" 1>&2
echo "[i] Enabling '${progname} --strict'" 1>&2
FUZZY=0
fi
## Some regex to try and detect version
## Basic: major.minor[.build][.revision] // major.minor[.maintenance][.build] -- example: 1.2.3.4)
## Plus alphanumeric (e.g. alpha, beta): 1a, 2.2b, 3.3-c, 4.4-rc4, 5.5-r
for tag_in in ${TAGS}; do
if echo "${tag_in}" | grep ${REGEX_GREP} -q "^(\d+)(\.?\d*)(\.?\d*)((\.|\-)?(\w*))$"; then
## 1.2.3-4abc
VERSION=$( echo "${tag_in}" | grep ${REGEX_GREP} -o "^(\d+)(\.?\d*)(\.?\d*)((\.|\-)?(\w*))$" )
[[ -n "${VERSION}" ]] && [[ "${VERBOSE}" -eq 1 ]] \
&& echo "[i] Version ID: ${VERSION}"
## 1.2.3-4
CLEANVERSION=$( echo "${tag_in}" | grep ${REGEX_GREP} -o "^(\d*\.?)(\d*\.?)(\d*\.?)((\.|\-)?(\d+))" )
if [[ -n "${CLEANVERSION}" ]] && [[ "${CLEANVERSION}" != "${VERSION}" ]]; then
VERSION="${CLEANVERSION}"
[[ "${VERBOSE}" -eq 1 ]] \
&& echo "[i] Clean ID: ${VERSION}"
fi
fi
done
## Did not get a version? If so, no point doing a fuzzy search
if [[ "${FUZZY}" -eq 1 ]] && [[ -z "${VERSION}" ]] && [[ "${VERBOSE}" -eq 1 ]]; then
echo "[i] Unable to detect version in terms: ${TAGS}" 1>&2
echo "[i] Enabling '${progname} --strict'" 1>&2
FUZZY=0
fi
## Was it just an number entered in the terms?
if echo "${TAGS}" | grep ${REGEX_GREP} -q "^(\d+)$"; then
## Disable fuzzy
FUZZY=0
fi
#-----------------------------------------------------------------------------# #-----------------------------------------------------------------------------#
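Review bot: The new `REGEX_GREP` fallback to `-E` does not make the version regexes portable, because the patterns passed to `grep ${REGEX_GREP}` in the version-detection loop (and the `^(\d+)$` check just below it, and the `<`/`>` range extraction in findresults) still use the PCRE-only escapes `\d`, `\w` and `\s`; GNU grep's `-E` does not treat `\d` as a digit class, so on a grep without `-P` these never match and version detection silently fails. Replacing the escapes with POSIX classes (`[0-9]`, `[[:alnum:]_]`, `[[:space:]]`) gives one pattern that behaves the same under both flags, and hoisting it into a variable avoids repeating it three times. In the same hunk, the "Did not get a version?" block only sets `FUZZY=0` when `VERBOSE` is 1, so the side effect depends on verbosity; the verbose check should gate only the messages. This top-level code continues past the end of the hunk.
```shell
## POSIX classes so the pattern behaves the same under -P and the -E fallback
VERSION_RE='^([0-9]+)(\.?[0-9]*)(\.?[0-9]*)((\.|\-)?([[:alnum:]_]*))$'
CLEANVERSION_RE='^([0-9]*\.?)([0-9]*\.?)([0-9]*\.?)((\.|\-)?([0-9]+))'
for tag_in in ${TAGS}; do
  if echo "${tag_in}" | grep ${REGEX_GREP} -q "${VERSION_RE}"; then
    VERSION=$( echo "${tag_in}" | grep ${REGEX_GREP} -o "${VERSION_RE}" )
    # … unchanged: verbose "Version ID" message …
    CLEANVERSION=$( echo "${tag_in}" | grep ${REGEX_GREP} -o "${CLEANVERSION_RE}" )
    # … unchanged: CLEANVERSION comparison and "Clean ID" message …
  fi
done
## Disable fuzzy whenever no version was found, not only when verbose
if [[ "${FUZZY}" -eq 1 ]] && [[ -z "${VERSION}" ]]; then
  if [[ "${VERBOSE}" -eq 1 ]]; then
    echo "[i] Unable to detect version in terms: ${TAGS}" 1>&2
    echo "[i] Enabling '${progname} --strict'" 1>&2
  fi
  FUZZY=0
fi
```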