Fix bug with --exclude

g0tmi1k 2020-05-01 16:29:36 +01:00
parent 2cffa6f07c
commit f312ab6413


@ -1,6 +1,6 @@
#!/bin/bash #!/usr/bin/env bash
# Name: SearchSploit - Exploit-DB's CLI search tool # Name: SearchSploit - Exploit-DB's CLI search tool
# Version: 4.1.0 (2020-04-30) # Version: 4.1.1 (2020-05-01)
# Written by: Offensive Security, Unix-Ninja, and g0tmi1k # Written by: Offensive Security, Unix-Ninja, and g0tmi1k
# Homepage: https://github.com/offensive-security/exploitdb # Homepage: https://github.com/offensive-security/exploitdb
# Manual: https://www.exploit-db.com/searchsploit # Manual: https://www.exploit-db.com/searchsploit
@ -481,9 +481,10 @@ function findresults() {
## JSON require full options ("--json") ## JSON require full options ("--json")
if [[ "${JSON}" -eq 1 ]] || [[ "${FUZZY}" -eq 1 ]]; then if [[ "${JSON}" -eq 1 ]] || [[ "${FUZZY}" -eq 1 ]]; then
## Read (id, path, title, date, author, type, platform) separated between commas ## Read (id, path, title, date, author, type, platform) separated between commas
SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3\",\"\$4\",\"\$5\",\"\$6\",\"\$7}' \"${path_in}/${file_in}\"" ## Needs to end with a `,` to match the awk search later for FUZZY_SEARCH with "sort -u"
## Read (id, title) separated between commas & search for less than (and grater than values) too SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3\",\"\$4\",\"\$5\",\"\$6\",\"\$7\",\"}' \"${path_in}/${file_in}\""
FUZZY_SEARCH="awk -F '[,]' '{print \$1\",\"\$3}' \"${path_in}/${file_in}\" | grep ${COLOUR_OFF_GREP} \"<\|>\"" ## Read (id, path, title) separated between commas & search for less than (and grater than values) too
FUZZY_SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3}' \"${path_in}/${file_in}\" | grep ${COLOUR_OFF_GREP} \"<\|>\""
else else
## Read (id, path, title) separated between commas (as these are the only visible fields) ## Read (id, path, title) separated between commas (as these are the only visible fields)
SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3}' \"${path_in}/${file_in}\"" SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3}' \"${path_in}/${file_in}\""
@ -507,6 +508,13 @@ function findresults() {
&& SEARCH="${SEARCH} | awk -F '[,]' '${CASE_TAG_FGREP}(\$3) ~ /${AWK_SEARCH}/ {print}'" && SEARCH="${SEARCH} | awk -F '[,]' '${CASE_TAG_FGREP}(\$3) ~ /${AWK_SEARCH}/ {print}'"
## Remove any terms not wanted from the search
[[ "${EXCLUDE}" ]] \
&& SEARCH="${SEARCH} | grep ${REGEX_GREP} -vi '${EXCLUDE}'"
[[ "${EXCLUDE}" ]] && [[ "${FUZZY}" -eq 1 ]] \
&& FUZZY_SEARCH="${FUZZY_SEARCH} | grep ${REGEX_GREP} -vi '${EXCLUDE}'"
## If we are to use colour ("--colour"), add the value here ## If we are to use colour ("--colour"), add the value here
if [[ "${COLOUR_TAG}" ]] && [[ "${JSON}" -eq 0 ]]; then if [[ "${COLOUR_TAG}" ]] && [[ "${JSON}" -eq 0 ]]; then
COLOUR_TAG="grep ${COLOUR_ON_GREP} -iE \"${COLOUR_TAG}|$\"" COLOUR_TAG="grep ${COLOUR_ON_GREP} -iE \"${COLOUR_TAG}|$\""
@ -518,6 +526,7 @@ function findresults() {
&& COL2=45 \ && COL2=45 \
|| COL2=$(( 34 )) ## Max length + 2 ~ $ find . ! -path '*/.*' -type f | awk '{ print length, $0 }' | sort -n -s | cut -d" " -f2- | tail -n 1 || COL2=$(( 34 )) ## Max length + 2 ~ $ find . ! -path '*/.*' -type f | awk '{ print length, $0 }' | sort -n -s | cut -d" " -f2- | tail -n 1
#|| COL2=$(( ${#path_in} + 21 )) #|| COL2=$(( ${#path_in} + 21 ))
COL1=$(( $( tput cols ) - COL2 - 1 )) COL1=$(( $( tput cols ) - COL2 - 1 ))
@ -530,11 +539,6 @@ function findresults() {
FORMAT_COL2=$(( ${COL2} - 2 )) FORMAT_COL2=$(( ${COL2} - 2 ))
## Remove any terms not wanted from the search
[[ "${EXCLUDE}" ]] \
&& SEARCH="${SEARCH} | grep -vEi '${EXCLUDE}'"
## Are we doing a fuzzy search & did we manage to detect the version ## Are we doing a fuzzy search & did we manage to detect the version
if [[ "${FUZZY}" -eq 1 ]] && [[ -n "${VERSION}" ]]; then if [[ "${FUZZY}" -eq 1 ]] && [[ -n "${VERSION}" ]]; then
## SubShells - http://mywiki.wooledge.org/BashFAQ/024 ## SubShells - http://mywiki.wooledge.org/BashFAQ/024
@ -586,6 +590,7 @@ function findresults() {
## Should support: ## Should support:
## Exploit < 1 / <= 1.2 / < 1.2.3.4 / < 1.2.3.x ## Exploit < 1 / <= 1.2 / < 1.2.3.4 / < 1.2.3.x
## Exploit 1.0 < 1.2.3.4 ## Exploit 1.0 < 1.2.3.4
## ...This can be better so it doesn't search in brackets: "Linux Kernel (Solaris 10 / < 5.10 138888-01) - Local Privilege Escalation"
done < <( done < <(
eval "${FUZZY_SEARCH}" eval "${FUZZY_SEARCH}"
) )
@ -598,7 +603,8 @@ function findresults() {
eval ${SEARCH}; \ eval ${SEARCH}; \
awk "/^(${ID}),/ {print}" "${path_in}/${file_in}" \ awk "/^(${ID}),/ {print}" "${path_in}/${file_in}" \
) \ ) \
| sed 's/\"//g' | sed 's/\"//g' \
| sort -u
)" )"
## If there are no results, no point going on ## If there are no results, no point going on
@ -1028,11 +1034,9 @@ if [[ "${FUZZY}" -eq 1 ]] && [[ -z "${VERSION}" ]] && [[ "${VERBOSE}" -eq 1 ]];
fi fi
## Was it just an number entered in the terms? ## Is it just a single tag, disable fuzzy
if echo "${TAGS}" | grep ${REGEX_GREP} -q "^(\d+)$"; then [[ "${TAGS}" != *" "* ]] \
## Disable fuzzy && FUZZY=0
FUZZY=0
fi
#-----------------------------------------------------------------------------# #-----------------------------------------------------------------------------#
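Review bot: In the `@ -507,6 +508,13 @` hunk the `--exclude` value is pasted between single quotes into both `SEARCH` and `FUZZY_SEARCH`, and those strings are later executed with `eval "${FUZZY_SEARCH}"` and `eval ${SEARCH}`, so a value containing a single quote ends the grep argument and the remainder is parsed as shell syntax. This matters whenever the script is called from a wrapper or with terms it did not author, and the move now applies the same pattern to a second pipeline. Shell-quote the value once before building either string, e.g. `printf -v EXCLUDE_Q '%q' "${EXCLUDE}"`, then append `| grep ${REGEX_GREP} -vi -- ${EXCLUDE_Q}` with no surrounding quotes. `REGEX_GREP` is defined outside the visible hunks, so confirm it still gives the extended-regex matching the removed `grep -vEi` provided for `|`-separated excludes. The body of findresults() starts and ends outside these hunks.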