Merge pull request #91 from g0tmi1k/searchsploit
Add "--exclude" to remove values from results
This commit is contained in:
g0tmi1k
GitHub
commit
f7178c7641
2 changed files with 43 additions and 26 deletions
|
|
@ -20,6 +20,7 @@ root@kali:~# searchsploit -h
|
|||
searchsploit afd windows local
|
||||
searchsploit -t oracle windows
|
||||
searchsploit -p 39446
|
||||
searchsploit linux kernel 3.2 --exclude="(PoC)|/dos/"
|
||||
|
||||
For more examples, see the manual: https://www.exploit-db.com/searchsploit/
|
||||
|
||||
|
|
@ -40,7 +41,10 @@ root@kali:~# searchsploit -h
|
|||
--colour Disable colour highlighting in search results.
|
||||
--id Display the EDB-ID value rather than local path.
|
||||
--nmap [file.xml] Checks all results in Nmap's XML output with service version (e.g.: nmap -sV -oX file.xml).
|
||||
Use "-v" (verbose) to try even more combinations
|
||||
Use "-v" (verbose) to try even more combinations
|
||||
--exclude="term" Remove values from results. By using "|" to separated you can chain multiple values.
|
||||
e.g. --exclude="term1|term2|term3".
|
||||
|
||||
=======
|
||||
Notes
|
||||
=======
|
||||
|
|
@ -50,7 +54,7 @@ root@kali:~# searchsploit -h
|
|||
* And/Or '-e' if you wish to filter results by using an exact match.
|
||||
* Use '-t' to exclude the file's path to filter the search results.
|
||||
* Remove false positives (especially when searching using numbers - i.e. versions).
|
||||
* When updating from git or displaying help, search terms will be ignored.
|
||||
* When updating or displaying help, search terms will be ignored.
|
||||
|
||||
root@kali:~#
|
||||
root@kali:~# searchsploit afd windows local
|
||||
|
|
|
|||
61
searchsploit
61
searchsploit
|
|
@ -1,6 +1,6 @@
|
|||
#!/bin/bash
|
||||
# Name: SearchSploit - Exploit-DB's CLI search tool
|
||||
# Version: 3.7.6 (Release date: 2017-06-13)
|
||||
# Version: 3.8 (Release date: 2017-06-14)
|
||||
# Written by: Offensive Security, Unix-Ninja, and g0tmi1k
|
||||
# Homepage: https://github.com/offensive-security/exploit-database
|
||||
# Manual: https://www.exploit-db.com/searchsploit/
|
||||
|
|
@ -9,7 +9,7 @@
|
|||
# Exit code '0' means finished normally
|
||||
# Exit code '1' means something went wrong
|
||||
# Exit code '2' means help screen
|
||||
# Exit code '6' means updated exploitdb package (deb or git)
|
||||
# Exit code '6' means updated exploitdb package (APT or Git)
|
||||
|
||||
|
||||
## OS settings (get the path of where the script is stored + database file)
|
||||
|
|
@ -40,6 +40,7 @@ XML=0
|
|||
COLOUR_TAG=""
|
||||
TAGS=""
|
||||
SEARCH=""
|
||||
EXCLUDE=""
|
||||
CASE_TAG_GREP="-i"
|
||||
CASE_TAG_FGREP="tolower"
|
||||
AWK_SEARCH=""
|
||||
|
|
@ -60,16 +61,17 @@ LANG=C
|
|||
function usage()
|
||||
{
|
||||
echo " Usage: ${progname} [options] term1 [term2] ... [termN]"
|
||||
echo
|
||||
echo ""
|
||||
echo "=========="
|
||||
echo " Examples "
|
||||
echo "=========="
|
||||
echo " ${progname} afd windows local"
|
||||
echo " ${progname} -t oracle windows"
|
||||
echo " ${progname} -p 39446"
|
||||
echo
|
||||
echo " ${progname} linux kernel 3.2 --exclude=\"(PoC)|/dos/\""
|
||||
echo ""
|
||||
echo " For more examples, see the manual: https://www.exploit-db.com/searchsploit/"
|
||||
echo
|
||||
echo ""
|
||||
echo "========="
|
||||
echo " Options "
|
||||
echo "========="
|
||||
|
|
@ -87,7 +89,10 @@ function usage()
|
|||
echo " --colour Disable colour highlighting in search results."
|
||||
echo " --id Display the EDB-ID value rather than local path."
|
||||
echo " --nmap [file.xml] Checks all results in Nmap's XML output with service version (e.g.: nmap -sV -oX file.xml)."
|
||||
echo " Use \"-v\" (verbose) to try even more combinations"
|
||||
echo " Use \"-v\" (verbose) to try even more combinations"
|
||||
echo " --exclude=\"term\" Remove values from results. By using \"|\" to separated you can chain multiple values."
|
||||
echo " e.g. --exclude=\"term1|term2|term3\"."
|
||||
echo ""
|
||||
echo "======="
|
||||
echo " Notes "
|
||||
echo "======="
|
||||
|
|
@ -97,7 +102,7 @@ function usage()
|
|||
echo " * And/Or '-e' if you wish to filter results by using an exact match."
|
||||
echo " * Use '-t' to exclude the file's path to filter the search results."
|
||||
echo " * Remove false positives (especially when searching using numbers - i.e. versions)."
|
||||
echo " * When updating from git or displaying help, search terms will be ignored."
|
||||
echo " * When updating or displaying help, search terms will be ignored."
|
||||
echo ""
|
||||
exit 2
|
||||
}
|
||||
|
|
@ -120,7 +125,7 @@ function update()
|
|||
updatedbrew
|
||||
fi
|
||||
|
||||
# Update via git
|
||||
# Update via Git
|
||||
updategit
|
||||
|
||||
# Done
|
||||
|
|
@ -131,7 +136,7 @@ function update()
|
|||
## Update database (via .deb/apt)
|
||||
function updatedeb()
|
||||
{
|
||||
echo -e '[i] Updating via APT package management. Expect weekly-ish updates.\n'
|
||||
echo -e '[i] Updating via APT package management (Expect weekly-ish updates).\n'
|
||||
|
||||
sudo apt update \
|
||||
|| echo -e '\n[-] Issue with apt update (Please check network connectivity & APT SourcesList values).' 1>&2
|
||||
|
|
@ -153,17 +158,17 @@ function updatedbrew()
|
|||
echo -e "\n[*] Brew update finished."
|
||||
}
|
||||
|
||||
## Update database (via GIT)
|
||||
## Update database (via Git)
|
||||
function updategit()
|
||||
{
|
||||
echo -e '[i] Updating via git. Expect daily updates.\n'
|
||||
echo -e '[i] Updating via Git (Expect daily updates).\n'
|
||||
|
||||
## Make sure we are in the correct folder
|
||||
mkdir -p "${gitpath}/" \
|
||||
|| sudo mkdir -p "${gitpath}/"
|
||||
cd "${gitpath}/"
|
||||
|
||||
## Are we in a git repo?
|
||||
## Are we in a Git repo?
|
||||
if [[ "$( git rev-parse --is-inside-work-tree )" != "true" ]]; then
|
||||
if [[ "$( ls )" = "" ]]; then
|
||||
# If directory is empty, just clone
|
||||
|
|
@ -172,9 +177,9 @@ function updategit()
|
|||
fi
|
||||
fi
|
||||
|
||||
# Is our git remote added? (aka homebrew)
|
||||
# Is our Git remote added? (aka homebrew)
|
||||
if [[ "$( git remote -v )" != *"${gitremote}"* ]]; then
|
||||
echo -e '\n[i] Missing git remote:' "${gitremote}"
|
||||
echo -e '\n[i] Missing Git remote:' "${gitremote}"
|
||||
git init >/dev/null
|
||||
git remote add origin "${gitremote}" 2>/dev/null
|
||||
fi
|
||||
|
|
@ -404,14 +409,14 @@ for param in "$@"; do
|
|||
SCASE=1
|
||||
elif [[ "${param}" == "--exact" ]]; then
|
||||
EXACT=1
|
||||
elif [[ "${param}" == "--examine" ]]; then
|
||||
elif [[ "${param}" == "--examine" ]] || [[ "${param}" == "--open" ]] || [[ "${param}" == "--view" ]]; then
|
||||
GETPATH=1
|
||||
EXAMINE=1
|
||||
elif [[ "${param}" == "--help" ]]; then
|
||||
usage >&2
|
||||
elif [[ "${param}" == "--json" ]]; then
|
||||
JSON=1
|
||||
elif [[ "${param}" == "--mirror" ]]; then
|
||||
elif [[ "${param}" == "--mirror" ]] || [[ "${param}" == "--copy" ]] || [[ "${param}" == "--dup" ]] || [[ "${param}" == "--duplicate" ]]; then
|
||||
GETPATH=1
|
||||
MIRROR=1
|
||||
elif [[ "${param}" == "--overflow" ]]; then
|
||||
|
|
@ -431,6 +436,8 @@ for param in "$@"; do
|
|||
EDBID=1
|
||||
elif [[ "${param}" == "--nmap" ]]; then
|
||||
XML=1
|
||||
elif [[ "${param}" =~ "--exclude=" ]]; then
|
||||
EXCLUDE="$( echo "${param}" | cut -d '=' -f 2- )"
|
||||
elif [[ "${param}" == "--verbose" ]]; then
|
||||
VERBOSE=1
|
||||
else
|
||||
|
|
@ -478,7 +485,7 @@ fi
|
|||
## Read in XML
|
||||
if [[ "${XML}" -eq 1 ]]; then
|
||||
## Trim white spaces
|
||||
FILE=$(echo ${TAGS} | xargs)
|
||||
FILE=$( echo ${TAGS} | xargs )
|
||||
|
||||
## Is there a file?
|
||||
if [[ ! -f "${FILE}" ]]; then
|
||||
|
|
@ -488,7 +495,7 @@ if [[ "${XML}" -eq 1 ]]; then
|
|||
|
||||
if ! hash xmllint 2>/dev/null; then
|
||||
echo -e '\n[!] Please install xmllint' 1>&2
|
||||
echo -e '[i] Kali Linux -> apt install -y libxml2-utils' 1>&2
|
||||
echo -e '[i] Kali Linux -> apt -y install libxml2-utils' 1>&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
|
|
@ -506,13 +513,13 @@ fi
|
|||
|
||||
## Print the full path. If pbcopy/xclip is available then copy to the clipboard
|
||||
if [[ "${GETPATH}" -eq 1 ]]; then
|
||||
for exploit in $(echo ${TAGS}); do
|
||||
for exploit in $( echo ${TAGS} ); do
|
||||
## Get EDB-ID from input
|
||||
edbdb="$( echo ${exploit} | rev | cut -d '/' -f1 | rev | cut -d'.' -f1 | tr -dc '0-9' )"
|
||||
|
||||
## Check files.csv
|
||||
location=$( cut -d, -f2 "${csvpath}" | grep -m 1 -E "/${edbdb}(\..*)?$" )
|
||||
title=$( grep -m 1 "${location}" "${csvpath}" | cut -d, -f3 | sed 's/"//g' )
|
||||
location=$( cut -d ',' -f 2 "${csvpath}" | grep -m 1 -E "/${edbdb}(\..*)?$" )
|
||||
title=$( grep -m 1 "${location}" "${csvpath}" | cut -d ',' -f 3 | sed 's/"//g' )
|
||||
|
||||
## Join paths
|
||||
location="${gitpath}/${location}"
|
||||
|
|
@ -557,8 +564,8 @@ if [[ "${GETPATH}" -eq 1 ]]; then
|
|||
fi
|
||||
|
||||
if [[ "${MIRROR}" -eq 1 ]]; then
|
||||
cp -i "${location}" "$(pwd)/"
|
||||
echo "Copied to '$(pwd)/'"
|
||||
cp -i "${location}" "$( pwd )/"
|
||||
echo "Copied to '$( pwd )/'"
|
||||
echo -e "\n"
|
||||
fi
|
||||
else
|
||||
|
|
@ -596,7 +603,7 @@ fi
|
|||
COL1=$(( $( tput cols ) - COL2 - 1 ))
|
||||
|
||||
## Remove leading space
|
||||
TAGS="$(echo ${TAGS} | sed -e 's/^[[:space:]]//')"
|
||||
TAGS="$( echo ${TAGS} | sed -e 's/^[[:space:]]//' )"
|
||||
|
||||
## Print header if NOT in JSON ("--json")
|
||||
if [[ "${JSON}" -eq 0 ]]; then
|
||||
|
|
@ -666,6 +673,12 @@ fi
|
|||
SEARCH="${SEARCH} | sed 's/\"//g'"
|
||||
|
||||
|
||||
## Remove any terms not wanted from the search
|
||||
if [[ "${EXCLUDE}" ]]; then
|
||||
SEARCH="${SEARCH} | grep -vEi '${EXCLUDE}'"
|
||||
fi
|
||||
|
||||
|
||||
## Magic search Fu
|
||||
## Web link format ("--www")?
|
||||
if [[ "${WEBLINK}" -eq 1 ]]; then
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue