Fix bug with --exclude

2020-05-01 16:29:36 +01:00 · 2020-05-01 16:29:36 +01:00 · f312ab6413
commit f312ab6413
parent 2cffa6f07c
1 changed files with 20 additions and 16 deletions
--- a/36
+++ b/36
@ -1,6 +1,6 @@
-#!/bin/bash
+#!/usr/bin/env bash
 #       Name: SearchSploit - Exploit-DB's CLI search tool
-#    Version: 4.1.0 (2020-04-30)
+#    Version: 4.1.1 (2020-05-01)
 # Written by: Offensive Security, Unix-Ninja, and g0tmi1k
 #   Homepage: https://github.com/offensive-security/exploitdb
 #     Manual: https://www.exploit-db.com/searchsploit
@ -481,9 +481,10 @@ function findresults() {
  ## JSON require full options ("--json")
  if [[ "${JSON}" -eq 1 ]] || [[ "${FUZZY}" -eq 1 ]]; then
    ## Read (id, path, title, date, author, type, platform) separated between commas
-    SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3\",\"\$4\",\"\$5\",\"\$6\",\"\$7}' \"${path_in}/${file_in}\""
-    ## Read (id, title) separated between commas & search for less than (and grater than values) too
-    FUZZY_SEARCH="awk -F '[,]' '{print \$1\",\"\$3}' \"${path_in}/${file_in}\" | grep ${COLOUR_OFF_GREP} \"<\|>\""
+    ## Needs to end with a `,` to match the awk search later for FUZZY_SEARCH with "sort -u"
+    SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3\",\"\$4\",\"\$5\",\"\$6\",\"\$7\",\"}' \"${path_in}/${file_in}\""
+    ## Read (id, path, title) separated between commas & search for less than (and grater than values) too
+    FUZZY_SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3}' \"${path_in}/${file_in}\" | grep ${COLOUR_OFF_GREP} \"<\|>\""
  else
    ## Read (id, path, title) separated between commas (as these are the only visible fields)
    SEARCH="awk -F '[,]' '{print \$1\",\"\$2\",\"\$3}' \"${path_in}/${file_in}\""
@ -507,6 +508,13 @@ function findresults() {
    && SEARCH="${SEARCH} | awk -F '[,]' '${CASE_TAG_FGREP}(\$3) ~ /${AWK_SEARCH}/ {print}'"


+  ## Remove any terms not wanted from the search
+  [[ "${EXCLUDE}" ]] \
+    && SEARCH="${SEARCH} | grep ${REGEX_GREP} -vi '${EXCLUDE}'"
+  [[ "${EXCLUDE}" ]] && [[ "${FUZZY}" -eq 1 ]] \
+    && FUZZY_SEARCH="${FUZZY_SEARCH} | grep ${REGEX_GREP} -vi '${EXCLUDE}'"
+
+
  ## If we are to use colour ("--colour"), add the value here
  if [[ "${COLOUR_TAG}" ]] && [[ "${JSON}" -eq 0 ]]; then
    COLOUR_TAG="grep ${COLOUR_ON_GREP} -iE \"${COLOUR_TAG}|$\""
@ -518,6 +526,7 @@ function findresults() {
    && COL2=45 \
    || COL2=$(( 34 )) ## Max length + 2 ~ $ find .  ! -path '*/.*' -type f | awk '{ print length, $0 }' | sort -n -s | cut -d" " -f2- | tail -n 1
    #|| COL2=$(( ${#path_in} + 21 ))
+
  COL1=$(( $( tput cols ) - COL2 - 1 ))


@ -530,11 +539,6 @@ function findresults() {
  FORMAT_COL2=$(( ${COL2} - 2 ))


-  ## Remove any terms not wanted from the search
-  [[ "${EXCLUDE}" ]] \
-    && SEARCH="${SEARCH} | grep -vEi '${EXCLUDE}'"
-
-
  ## Are we doing a fuzzy search & did we manage to detect the version
  if [[ "${FUZZY}" -eq 1 ]] && [[ -n "${VERSION}" ]]; then
    ## SubShells - http://mywiki.wooledge.org/BashFAQ/024
@ -586,6 +590,7 @@ function findresults() {
      ## Should support:
      ##   Exploit < 1 / <= 1.2 / < 1.2.3.4 / < 1.2.3.x
      ##   Exploit 1.0 < 1.2.3.4
+      ## ...This can be better so it doesn't search in brackets: "Linux Kernel (Solaris 10 / < 5.10 138888-01) - Local Privilege Escalation"
    done < <(
        eval "${FUZZY_SEARCH}"
    )
@ -598,7 +603,8 @@ function findresults() {
      eval ${SEARCH}; \
      awk "/^(${ID}),/ {print}" "${path_in}/${file_in}" \
    ) \
-    | sed 's/\"//g'
+    | sed 's/\"//g' \
+    | sort -u
  )"

  ## If there are no results, no point going on
@ -1028,11 +1034,9 @@ if [[ "${FUZZY}" -eq 1 ]] && [[ -z "${VERSION}" ]] && [[ "${VERBOSE}" -eq 1 ]];
 fi


-## Was it just an number entered in the terms?
-if echo "${TAGS}" | grep ${REGEX_GREP} -q "^(\d+)$"; then
-  ## Disable fuzzy
-  FUZZY=0
-fi
+## Is it just a single tag, disable fuzzy
+[[  "${TAGS}" != *" "* ]] \
+  && FUZZY=0


 #-----------------------------------------------------------------------------#