Merge pull request #59 from g0tmi1k/searchsploit

SearchSploit - Screen width will not affect the results
2016-11-07 16:54:07 +00:00 · 2016-11-07 16:54:07 +00:00 · b80848bd60
commit b80848bd60
parent 1ee96838d2 55bbc4f153
1 changed files with 79 additions and 70 deletions
--- a/149
+++ b/149
@ -1,6 +1,6 @@
 #!/bin/bash
 #       Name: SearchSploit - Exploit-DB's CLI search tool
-#    Version: 3.7   (Release date: 2016-10-26)
+#    Version: 3.7.1 (Release date: 2016-11-07)
 # Written by: Offensive Security, Unix-Ninja & g0tmi1k
 #   Homepage: https://github.com/offensive-security/exploit-database
 #
@ -41,6 +41,7 @@ TAGS=""
 SEARCH=""
 CASE_TAG_GREP="-i"
 CASE_TAG_FGREP="tolower"
+AWK_SEARCH=""


 ## Set LANG variable to avoid illegal byte sequence errors
@ -305,13 +306,51 @@ function nmapxml()
  #searchsploitout
  echo "${software}" >> /tmp/searchsploitout

-  ## Read in from file (so there isn't any duplicates but unable to print out IPs)
+  ## Read in from file (so there are no duplicates - ...but unable to print out IPs)
  cat /tmp/searchsploitout | tr '[:upper:]' '[:lower:]'  | awk '!x[$0]++' | while read software; do
    searchsploitout
  done
 }


+## Build search terms
+function buildterms()
+{
+  tag="${1}"
+
+  ## If we are to use colour ("--colour"), add the values to search for between "or"
+  if [[ "${COLOUR}" -eq 1 ]]; then
+    if [[ "${COLOUR_TAG}" ]]; then
+      COLOUR_TAG="${COLOUR_TAG}|"
+    fi
+    COLOUR_TAG="${COLOUR_TAG}${tag}"
+  fi
+
+  ## Search both title AND path
+  if [[ "${FILEPATH}" -eq 1 ]]; then
+    ## Search command for each term (with case sensitive flag, "-c")
+    SEARCH="${SEARCH} | grep --color=never -F ${CASE_TAG_GREP} \"${tag}\""
+  ## Search just the title, NOT the path ("-t"/"-e")
+  else
+    ## If there is already a value, prepend text to get ready
+    if [[ "${AWK_SEARCH}" ]]; then
+      AWK_SEARCH="${AWK_SEARCH}/ && ${CASE_TAG_FGREP}(\$3) ~ /"
+    fi
+
+    ## Escape any slashes
+    tag="$( echo ${tag} | sed 's_/_\\/_g' )"
+
+    ## Case sensitive ("-c")?
+    if [[ "${SCASE}" -eq 1 ]]; then
+      AWK_SEARCH="${AWK_SEARCH}${tag}"
+    else
+      AWK_SEARCH="${AWK_SEARCH}$( echo ${tag} | tr '[:upper:]' '[:lower:]' )"
+    fi
+  fi
+}
+
+
+
 ## Check for empty args
 if [[ $# -eq 0 ]]; then
  usage >&2
@ -409,7 +448,7 @@ if [[ "${XML}" -eq 1 ]]; then

  if ! hash xmllint 2>/dev/null; then
    echo -e '\n[!] Please install xmllint' 1>&2
-    echo -e '[i] Kali Linux -> apt install -y libxml2-utils' 1>&2
+    echo -e '[i]   Kali Linux -> apt install -y libxml2-utils' 1>&2
    exit 1
  fi

@ -494,7 +533,7 @@ if [[ "${GETPATH}" -eq 1 ]]; then
 fi


-## If we are doing an exact match, do not check folder path (Implies "-t").
+## If we are doing an exact match ("-e")? If so, do NOT check folder path (Implies "-t").
 if [[ "${EXACT}" -eq 1 ]]; then
  FILEPATH=0
 fi
@ -519,7 +558,7 @@ COL1=$(( $( tput cols ) - COL2 - 1 ))
 ## Remove leading space
 TAGS="$(echo ${TAGS} | sed -e 's/^[[:space:]]//')"

-## Print header if not in JSON
+## Print header if NOT in JSON ("--json")
 if [[ "${JSON}" -eq 0 ]]; then
  drawline
  printf "%-${COL1}s %s" " Exploit Title"
@ -541,71 +580,31 @@ else
 fi


-## EXACT search command?
-if [[ "${EXACT}" -eq 1 ]]; then
-  ## Case sensitive?
-  if [[ "${SCASE}" -eq 1 ]]; then
-    SEARCH="${TAGS}"
-  else
-    ## Case insensitive
-    SEARCH="$( echo ${TAGS} | tr '[:upper:]' '[:lower:]' )"
-  fi
+## Read in id, title and path, separated between commas (as these are the only visible fields)
+SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3}' \"${csvpath}\""

-  ## If we are to use colour, add the values to search for
-  if [[ "${COLOUR}" -eq 1 ]]; then
-    COLOUR_TAG="${SEARCH}"
-  fi
+
+## EXACT search command ("-e")?
+if [[ "${EXACT}" -eq 1 ]]; then
+ buildterms "${TAGS}"
 ## or AND search command?
 else
  ## For each term
-  for tag in ${TAGS}; do
-    ## If we are to use colour, add the values to search for between "or"
-    if [[ "${COLOUR}" -eq 1 ]]; then
-      if [[ "${COLOUR_TAG}" ]]; then
-        COLOUR_TAG="${COLOUR_TAG}\|"
-      fi
-      COLOUR_TAG="${COLOUR_TAG}${tag}"
-    fi
-
-    ## Search both title AND path?
-    if [[ "${FILEPATH}" -eq 1 ]]; then
-      ## Is there a value already?
-      if [[ "${SEARCH}" ]]; then
-        SEARCH="${SEARCH} |"
-      fi
-
-      ## Search command for each term
-      SEARCH="${SEARCH} fgrep ${CASE_TAG_GREP} \"${tag}\""
-    ## Search just the title, not the path
-    else
-      ## If there is already a value, prepend text to get ready
-      if [[ "${SEARCH}" ]]; then
-        SEARCH="${SEARCH}/ && ${CASE_TAG_FGREP}(\$1) ~ /"
-      fi
-
-      ## Escape any slashes
-      tag="$( echo ${tag} | sed 's_/_\\/_g' )"
-
-      ## Case sensitive?
-      if [[ "${SCASE}" -eq 1 ]]; then
-        SEARCH="${SEARCH}${tag}"
-      else
-        SEARCH="${SEARCH}$( echo ${tag} | tr '[:upper:]' '[:lower:]' )"
-      fi
-    fi
+  for TAG in ${TAGS}; do
+    buildterms "${TAG}"
  done
 fi


-## If we are not to use the path name
+## If we are NOT to use the path name ("-t"/"-e")
 if [[ "${FILEPATH}" -eq 0 ]]; then
-  SEARCH="awk -F '[|]' '${CASE_TAG_FGREP}(\$1) ~ /${SEARCH}/ {print}'"
+  SEARCH="${SEARCH} | awk -F '[,]' '${CASE_TAG_FGREP}(\$3) ~ /${AWK_SEARCH}/ {print}'"
 fi


-## If we are to use colour, add the value here
+## If we are to use colour ("--colour"), add the value here
 if [[ "${COLOUR_TAG}" ]] && [[ "${JSON}" -eq 0 ]]; then
-  SEARCH="${SEARCH} | grep --color=always -ie \"\${COLOUR_TAG}\""
+  COLOUR_TAG="grep --color=always -iE \"${COLOUR_TAG}|$\""
 fi


@ -618,29 +617,38 @@ fi


 ## Magic search Fu
-## Web link format?
+## Web link format ("--www")?
 if [[ "${WEBLINK}" -eq 1 ]]; then
-  OUTPUT="$( awk -F "\"*,\"*" '{ printf "%-'${FORMAT}'s | %s\n", $3, "https://www.exploit-db.com/exploits/"$1"/"}' "${csvpath}" \
-    | eval "${SEARCH}" )"
-## Just the EDB-ID?
+  OUTPUT="$( eval ${SEARCH} \
+    | awk -F "\"*,\"*" '{ printf "%-'${FORMAT}'s | %s\n", $3, "https://www.exploit-db.com/exploits/"$1"/"}' )"
+## Just the EDB-ID ("--id")?
 elif [[ "${EDBID}" -eq 1 ]]; then
-  OUTPUT="$( awk -F "\"*,\"*" '{ printf "%-'${FORMAT}'s | %s\n", $3, $1}' "${csvpath}" \
-    | eval "${SEARCH}" )"
-## Print JSON format (full options)
+  OUTPUT="$( eval ${SEARCH} \
+    | awk -F "\"*,\"*" '{ printf "%-'${FORMAT}'s | %s\n", $3, $1 }' )"
+## Print JSON format (full options) ("--json")?
 elif [[ "${JSON}" -eq 1 ]]; then
-  OUTPUT="$( awk -F "\"*,\"*" '{ printf "\r\t\t'{'\"Exploit\":\"%s\",\"Path\":\"'${gitpath}/'%s\",\"EDB-ID\":%s},\n", $3, $2, $1}' "${csvpath}" \
-    | eval "${SEARCH}" \
+  OUTPUT="$( eval ${SEARCH} \
+    | awk -F "\"*,\"*" '{ printf "\r\t\t'{'\"Exploit\":\"%s\",\"Path\":\"'${gitpath}/'%s\",\"EDB-ID\":%s},\n", $3, $2, $1 }' \
    | sed '$ s/,$//g' )"
 ## Default view
 else
-  OUTPUT="$( awk -F "\"*,\"*" '{ printf "%-'${FORMAT}'s | %s\n", $3, $2}' "${csvpath}" \
-    | eval "${SEARCH}" \
-    | sed "s/| platforms/| ./" )"
+  OUTPUT="$( eval ${SEARCH} \
+    | awk -F "\"*,\"*" '{ printf "%-'${FORMAT}'s | %s\n", $3, $2 }' \
+    | sed "s/| platforms/| /" )"
 fi

+
+## Display colour highlights ("--colour")?
+if [[ "${COLOUR_TAG}" ]] && [[ "${JSON}" -eq 0 ]]; then
+  OUTPUT=$( echo -e "${OUTPUT}" | eval ${COLOUR_TAG} )
+fi
+
+
+## Show content
 echo "${OUTPUT}"

-## Print footer if not in JSON
+
+## Print footer if NOT in JSON ("--json")
 if [[ "${JSON}" -eq 0 ]]; then
  drawline
 ## Print JSON footer
@ -649,5 +657,6 @@ else
  echo "}"
 fi

+
 ## Done
 exit 0