diff --git a/searchsploit b/searchsploit index eec8a0c83..292ae7403 100755 --- a/searchsploit +++ b/searchsploit @@ -1,6 +1,6 @@ -#!/bin/bash +#!/usr/bin/env bash # Name: SearchSploit - Exploit-DB's CLI search tool -# Version: 4.1.0 (2020-04-30) +# Version: 4.1.1 (2020-05-01) # Written by: Offensive Security, Unix-Ninja, and g0tmi1k # Homepage: https://github.com/offensive-security/exploitdb # Manual: https://www.exploit-db.com/searchsploit @@ -481,9 +481,10 @@ function findresults() { ## JSON require full options ("--json") if [[ "${JSON}" -eq 1 ]] || [[ "${FUZZY}" -eq 1 ]]; then ## Read (id, path, title, date, author, type, platform) separated between commas - SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3\",\"\$4\",\"\$5\",\"\$6\",\"\$7}' \"${path_in}/${file_in}\"" - ## Read (id, title) separated between commas & search for less than (and grater than values) too - FUZZY_SEARCH="awk -F '[,]' '{print \$1\",\"\$3}' \"${path_in}/${file_in}\" | grep ${COLOUR_OFF_GREP} \"<\|>\"" + ## Needs to end with a `,` to match the awk search later for FUZZY_SEARCH with "sort -u" + SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3\",\"\$4\",\"\$5\",\"\$6\",\"\$7\",\"}' \"${path_in}/${file_in}\"" + ## Read (id, path, title) separated between commas & search for less than (and grater than values) too + FUZZY_SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3}' \"${path_in}/${file_in}\" | grep ${COLOUR_OFF_GREP} \"<\|>\"" else ## Read (id, path, title) separated between commas (as these are the only visible fields) SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3}' \"${path_in}/${file_in}\"" 
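Review bot: The trailing `\",\"` appended to `SEARCH` is there, per the added comment, so that its rows compare equal to the raw rows printed by `awk "/^(${ID}),/ {print}"` when the `| sort -u` added in the -598 hunk removes duplicates. That ties the dedup to the exact column layout of the CSV. If a row carries any text after the seventh field, the two forms presumably stop matching and the same entry is listed twice. Deduplicating on the id column alone would remove the coupling, for example `| LC_ALL=C sort -u -t, -k1,1`, provided the later formatting only reads the leading fields; the fixed locale also keeps result order identical across systems. findresults starts and ends outside this hunk.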
@@ -507,6 +508,13 @@ function findresults() { && SEARCH="${SEARCH} | awk -F '[,]' '${CASE_TAG_FGREP}(\$3) ~ /${AWK_SEARCH}/ {print}'" + ## Remove any terms not wanted from the search + [[ "${EXCLUDE}" ]] \ + && SEARCH="${SEARCH} | grep ${REGEX_GREP} -vi '${EXCLUDE}'" + [[ "${EXCLUDE}" ]] && [[ "${FUZZY}" -eq 1 ]] \ + && FUZZY_SEARCH="${FUZZY_SEARCH} | grep ${REGEX_GREP} -vi '${EXCLUDE}'" + + ## If we are to use colour ("--colour"), add the value here if [[ "${COLOUR_TAG}" ]] && [[ "${JSON}" -eq 0 ]]; then COLOUR_TAG="grep ${COLOUR_ON_GREP} -iE \"${COLOUR_TAG}|$\"" @@ -518,6 +526,7 @@ function findresults() { && COL2=45 \ || COL2=$(( 34 )) ## Max length + 2 ~ $ find . ! -path '*/.*' -type f | awk '{ print length, $0 }' | sort -n -s | cut -d" " -f2- | tail -n 1 #|| COL2=$(( ${#path_in} + 21 )) + COL1=$(( $( tput cols ) - COL2 - 1 )) @@ -530,11 +539,6 @@ function findresults() { FORMAT_COL2=$(( ${COL2} - 2 )) - ## Remove any terms not wanted from the search - [[ "${EXCLUDE}" ]] \ - && SEARCH="${SEARCH} | grep -vEi '${EXCLUDE}'" - - ## Are we doing a fuzzy search & did we manage to detect the version if [[ "${FUZZY}" -eq 1 ]] && [[ -n "${VERSION}" ]]; then ## SubShells - http://mywiki.wooledge.org/BashFAQ/024 @@ -586,6 +590,7 @@ function findresults() { ## Should support: ## Exploit < 1 / <= 1.2 / < 1.2.3.4 / < 1.2.3.x ## Exploit 1.0 < 1.2.3.4 + ## ...This can be better so it doesn't search in brackets: "Linux Kernel (Solaris 10 / < 5.10 138888-01) - Local Privilege Escalation" done < <( eval "${FUZZY_SEARCH}" ) @@ -598,7 +603,8 @@ function findresults() { eval ${SEARCH}; \ awk "/^(${ID}),/ {print}" "${path_in}/${file_in}" \ ) \ - | sed 's/\"//g' + | sed 's/\"//g' \ + | sort -u )" ## If there are no results, no point going on 
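Review bot: `${EXCLUDE}` is pasted between single quotes into `SEARCH` and now also into `FUZZY_SEARCH`, and both strings are later run through `eval` (`eval ${SEARCH}` and `eval "${FUZZY_SEARCH}"` in the following hunks). An exclude term containing a single quote therefore ends the quoted argument, and the rest of the term is parsed as shell. That matters wherever the script is driven by a wrapper or by terms taken from another tool's output, not typed by the operator. Quote the value for re-parsing before appending it: `printf -v exclude_q '%q' "${EXCLUDE}"`, then `SEARCH="${SEARCH} | grep ${REGEX_GREP} -vi -e ${exclude_q}"`, and the same for `FUZZY_SEARCH`. The `-e` also stops a term beginning with `-` from being read as a grep option, and quoting the first eval as `eval "${SEARCH}"` would avoid word-splitting and globbing before the string is parsed.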
@@ -1028,11 +1034,9 @@ if [[ "${FUZZY}" -eq 1 ]] && [[ -z "${VERSION}" ]] && [[ "${VERBOSE}" -eq 1 ]]; fi -## Was it just an number entered in the terms? -if echo "${TAGS}" | grep ${REGEX_GREP} -q "^(\d+)$"; then - ## Disable fuzzy - FUZZY=0 -fi +## Is it just a single tag, disable fuzzy +[[ "${TAGS}" != *" "* ]] \ + && FUZZY=0 #-----------------------------------------------------------------------------#
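Review bot: The new test `[[ "${TAGS}" != *" "* ]]` treats any value without a space character as a single tag, so its result depends on how `TAGS` is assembled, which is not visible in this hunk. If terms are appended with a separator, a leading or trailing space would leave fuzzy matching on for a single term, and an empty `TAGS` would switch it off. A whitespace-tolerant form states the intent directly: `[[ "${TAGS}" =~ ^[[:space:]]*[^[:space:]]+[[:space:]]*$ ]] && FUZZY=0`. The comment could also say why a single term disables fuzzy, for example `## A single term has no separate version to compare against, so fuzzy matching is turned off`, if that is the reason.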