From 9f26e75621b52db8626914f05d39be1abf43e896 Mon Sep 17 00:00:00 2001
From: g0tmi1k <have.you.g0tmi1k@gmail.com>
Date: Mon, 7 Nov 2016 12:23:24 +0000
Subject: [PATCH 1/2] Screen width will not affect the results

---
 searchsploit | 123 +++++++++++++++++++++++++++------------------------
 1 file changed, 64 insertions(+), 59 deletions(-)

diff --git a/searchsploit b/searchsploit
index f8dd5e3ce..362cb74b7 100755
--- a/searchsploit
+++ b/searchsploit
@@ -41,6 +41,7 @@ TAGS=""
 SEARCH=""
 CASE_TAG_GREP="-i"
 CASE_TAG_FGREP="tolower"
+AWK_SEARCH=""
 
 
 ## Set LANG variable to avoid illegal byte sequence errors
@@ -312,6 +313,44 @@ function nmapxml()
 }
 
 
+## Build search terms
+function buildterms()
+{
+  tag="${1}"
+
+  ## If we are to use colour ("--colour"), add the values to search for between "or"
+  if [[ "${COLOUR}" -eq 1 ]]; then
+    if [[ "${COLOUR_TAG}" ]]; then
+      COLOUR_TAG="${COLOUR_TAG}|"
+    fi
+    COLOUR_TAG="${COLOUR_TAG}${tag}"
+  fi
+
+  ## Search both title AND path
+  if [[ "${FILEPATH}" -eq 1 ]]; then
+    ## Search command for each term (with case sensitive flag, "-c")
+    SEARCH="${SEARCH} | grep --color=never -F ${CASE_TAG_GREP} \"${tag}\""
+  ## Search just the title, NOT the path ("-t"/"-e")
+  else
+    ## If there is already a value, prepend text to get ready
+    if [[ "${AWK_SEARCH}" ]]; then
+      AWK_SEARCH="${AWK_SEARCH}/ && ${CASE_TAG_FGREP}(\$3) ~ /"
+    fi
+
+    ## Escape any slashes
+    tag="$( echo ${tag} | sed 's_/_\\/_g' )"
+
+    ## Case sensitive ("-c")?
+    if [[ "${SCASE}" -eq 1 ]]; then
+      AWK_SEARCH="${AWK_SEARCH}${tag}"
+    else
+      AWK_SEARCH="${AWK_SEARCH}$( echo ${tag} | tr '[:upper:]' '[:lower:]' )"
+    fi
+  fi
+}
+
+
+
 ## Check for empty args
 if [[ $# -eq 0 ]]; then
   usage >&2
@@ -541,71 +580,31 @@ else
 fi
 
 
-## EXACT search command?
-if [[ "${EXACT}" -eq 1 ]]; then
-  ## Case sensitive?
-  if [[ "${SCASE}" -eq 1 ]]; then
-    SEARCH="${TAGS}"
-  else
-    ## Case insensitive
-    SEARCH="$( echo ${TAGS} | tr '[:upper:]' '[:lower:]' )"
-  fi
+## Read in id, title and path, separated between commas (as these are the only visible fields)
+SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3}' \"${csvpath}\""
 
-  ## If we are to use colour, add the values to search for
-  if [[ "${COLOUR}" -eq 1 ]]; then
-    COLOUR_TAG="${SEARCH}"
-  fi
+
+## EXACT search command ("-e")?
+if [[ "${EXACT}" -eq 1 ]]; then
+ buildterms "${TAGS}"
 ## or AND search command?
 else
   ## For each term
-  for tag in ${TAGS}; do
-    ## If we are to use colour, add the values to search for between "or"
-    if [[ "${COLOUR}" -eq 1 ]]; then
-      if [[ "${COLOUR_TAG}" ]]; then
-        COLOUR_TAG="${COLOUR_TAG}\|"
-      fi
-      COLOUR_TAG="${COLOUR_TAG}${tag}"
-    fi
-
-    ## Search both title AND path?
-    if [[ "${FILEPATH}" -eq 1 ]]; then
-      ## Is there a value already?
-      if [[ "${SEARCH}" ]]; then
-        SEARCH="${SEARCH} |"
-      fi
-
-      ## Search command for each term
-      SEARCH="${SEARCH} fgrep ${CASE_TAG_GREP} \"${tag}\""
-    ## Search just the title, not the path
-    else
-      ## If there is already a value, prepend text to get ready
-      if [[ "${SEARCH}" ]]; then
-        SEARCH="${SEARCH}/ && ${CASE_TAG_FGREP}(\$1) ~ /"
-      fi
-
-      ## Escape any slashes
-      tag="$( echo ${tag} | sed 's_/_\\/_g' )"
-
-      ## Case sensitive?
-      if [[ "${SCASE}" -eq 1 ]]; then
-        SEARCH="${SEARCH}${tag}"
-      else
-        SEARCH="${SEARCH}$( echo ${tag} | tr '[:upper:]' '[:lower:]' )"
-      fi
-    fi
+  for TAG in ${TAGS}; do
+    buildterms "${TAG}"
   done
 fi
 
 
 ## If we are not to use the path name
 if [[ "${FILEPATH}" -eq 0 ]]; then
-  SEARCH="awk -F '[|]' '${CASE_TAG_FGREP}(\$1) ~ /${SEARCH}/ {print}'"
+  SEARCH="${SEARCH} | awk -F '[,]' '${CASE_TAG_FGREP}(\$3) ~ /${AWK_SEARCH}/ {print}'"
 fi
 
 
 ## If we are to use colour, add the value here
 if [[ "${COLOUR_TAG}" ]] && [[ "${JSON}" -eq 0 ]]; then
-  SEARCH="${SEARCH} | grep --color=always -ie \"\${COLOUR_TAG}\""
+  COLOUR_TAG="grep --color=always -iE \"${COLOUR_TAG}|$\""
 fi
 
 
@@ -620,22 +619,28 @@ fi
 ## Magic search Fu
 ## Web link format?
 if [[ "${WEBLINK}" -eq 1 ]]; then
-  OUTPUT="$( awk -F "\"*,\"*" '{ printf "%-'${FORMAT}'s | %s\n", $3, "https://www.exploit-db.com/exploits/"$1"/"}' "${csvpath}" \
-    | eval "${SEARCH}" )"
 ## Just the EDB-ID?
+  OUTPUT="$( eval ${SEARCH} \
+    | awk -F "\"*,\"*" '{ printf "%-'${FORMAT}'s | %s\n", $3, "https://www.exploit-db.com/exploits/"$1"/"}' )"
 elif [[ "${EDBID}" -eq 1 ]]; then
-  OUTPUT="$( awk -F "\"*,\"*" '{ printf "%-'${FORMAT}'s | %s\n", $3, $1}' "${csvpath}" \
-    | eval "${SEARCH}" )"
 ## Print JSON format (full options)
+  OUTPUT="$( eval ${SEARCH} \
+    | awk -F "\"*,\"*" '{ printf "%-'${FORMAT}'s | %s\n", $3, $1 }' )"
 elif [[ "${JSON}" -eq 1 ]]; then
-  OUTPUT="$( awk -F "\"*,\"*" '{ printf "\r\t\t'{'\"Exploit\":\"%s\",\"Path\":\"'${gitpath}/'%s\",\"EDB-ID\":%s},\n", $3, $2, $1}' "${csvpath}" \
-    | eval "${SEARCH}" \
+  OUTPUT="$( eval ${SEARCH} \
+    | awk -F "\"*,\"*" '{ printf "\r\t\t'{'\"Exploit\":\"%s\",\"Path\":\"'${gitpath}/'%s\",\"EDB-ID\":%s},\n", $3, $2, $1 }' \
     | sed '$ s/,$//g' )"
 ## Default view
 else
-  OUTPUT="$( awk -F "\"*,\"*" '{ printf "%-'${FORMAT}'s | %s\n", $3, $2}' "${csvpath}" \
-    | eval "${SEARCH}" \
-    | sed "s/| platforms/| ./" )"
+  OUTPUT="$( eval ${SEARCH} \
+    | awk -F "\"*,\"*" '{ printf "%-'${FORMAT}'s | %s\n", $3, $2 }' \
+    | sed "s/| platforms/| /" )"
+fi
+
+
+## Display colour highlights ("--colour")?
+if [[ "${COLOUR_TAG}" ]] && [[ "${JSON}" -eq 0 ]]; then
+  OUTPUT=$( echo -e "${OUTPUT}" | eval ${COLOUR_TAG} )
 fi
 
 echo "${OUTPUT}"

From 55bbc4f1531ca13129539f8cc386d1c7d369bd03 Mon Sep 17 00:00:00 2001
From: g0tmi1k <have.you.g0tmi1k@gmail.com>
Date: Mon, 7 Nov 2016 12:24:58 +0000
Subject: [PATCH 2/2] Code cleanup - adds comments & formatting

---
 searchsploit | 26 +++++++++++++++-----------
 1 file changed, 15 insertions(+), 11 deletions(-)

diff --git a/searchsploit b/searchsploit
index 362cb74b7..1993feb29 100755
--- a/searchsploit
+++ b/searchsploit
@@ -1,6 +1,6 @@
 #!/bin/bash
 #       Name: SearchSploit - Exploit-DB's CLI search tool
-#    Version: 3.7   (Release date: 2016-10-26)
+#    Version: 3.7.1 (Release date: 2016-11-07)
 # Written by: Offensive Security, Unix-Ninja & g0tmi1k
 #   Homepage: https://github.com/offensive-security/exploit-database
 #
@@ -306,7 +306,7 @@ function nmapxml()
   #searchsploitout
   echo "${software}" >> /tmp/searchsploitout
 
-  ## Read in from file (so there isn't any duplicates but unable to print out IPs)
+  ## Read in from file (so there are no duplicates - ...but unable to print out IPs)
   cat /tmp/searchsploitout | tr '[:upper:]' '[:lower:]'  | awk '!x[$0]++' | while read software; do
     searchsploitout
   done
@@ -448,7 +448,7 @@ if [[ "${XML}" -eq 1 ]]; then
 
   if ! hash xmllint 2>/dev/null; then
     echo -e '\n[!] Please install xmllint' 1>&2
-    echo -e '[i] Kali Linux -> apt install -y libxml2-utils' 1>&2
+    echo -e '[i]   Kali Linux -> apt install -y libxml2-utils' 1>&2
     exit 1
   fi
 
@@ -533,7 +533,7 @@ if [[ "${GETPATH}" -eq 1 ]]; then
 fi
 
 
-## If we are doing an exact match, do not check folder path (Implies "-t").
+## If we are doing an exact match ("-e")? If so, do NOT check folder path (Implies "-t").
 if [[ "${EXACT}" -eq 1 ]]; then
   FILEPATH=0
 fi
@@ -558,7 +558,7 @@ COL1=$(( $( tput cols ) - COL2 - 1 ))
 ## Remove leading space
 TAGS="$(echo ${TAGS} | sed -e 's/^[[:space:]]//')"
 
-## Print header if not in JSON
+## Print header if NOT in JSON ("--json")
 if [[ "${JSON}" -eq 0 ]]; then
   drawline
   printf "%-${COL1}s %s" " Exploit Title"
@@ -596,13 +596,13 @@ else
 fi
 
 
-## If we are not to use the path name
+## If we are NOT to use the path name ("-t"/"-e")
 if [[ "${FILEPATH}" -eq 0 ]]; then
   SEARCH="${SEARCH} | awk -F '[,]' '${CASE_TAG_FGREP}(\$3) ~ /${AWK_SEARCH}/ {print}'"
 fi
 
 
-## If we are to use colour, add the value here
+## If we are to use colour ("--colour"), add the value here
 if [[ "${COLOUR_TAG}" ]] && [[ "${JSON}" -eq 0 ]]; then
   COLOUR_TAG="grep --color=always -iE \"${COLOUR_TAG}|$\""
 fi
@@ -617,15 +617,15 @@ fi
 
 
 ## Magic search Fu
-## Web link format?
+## Web link format ("--www")?
 if [[ "${WEBLINK}" -eq 1 ]]; then
-## Just the EDB-ID?
   OUTPUT="$( eval ${SEARCH} \
     | awk -F "\"*,\"*" '{ printf "%-'${FORMAT}'s | %s\n", $3, "https://www.exploit-db.com/exploits/"$1"/"}' )"
+## Just the EDB-ID ("--id")?
 elif [[ "${EDBID}" -eq 1 ]]; then
-## Print JSON format (full options)
   OUTPUT="$( eval ${SEARCH} \
     | awk -F "\"*,\"*" '{ printf "%-'${FORMAT}'s | %s\n", $3, $1 }' )"
+## Print JSON format (full options) ("--json")?
 elif [[ "${JSON}" -eq 1 ]]; then
   OUTPUT="$( eval ${SEARCH} \
     | awk -F "\"*,\"*" '{ printf "\r\t\t'{'\"Exploit\":\"%s\",\"Path\":\"'${gitpath}/'%s\",\"EDB-ID\":%s},\n", $3, $2, $1 }' \
@@ -643,9 +643,12 @@ if [[ "${COLOUR_TAG}" ]] && [[ "${JSON}" -eq 0 ]]; then
   OUTPUT=$( echo -e "${OUTPUT}" | eval ${COLOUR_TAG} )
 fi
 
+
+## Show content
 echo "${OUTPUT}"
 
-## Print footer if not in JSON
+
+## Print footer if NOT in JSON ("--json")
 if [[ "${JSON}" -eq 0 ]]; then
   drawline
 ## Print JSON footer
@@ -654,5 +657,6 @@ else
   echo "}"
 fi
 
+
 ## Done
 exit 0