Merge pull request #91 from g0tmi1k/searchsploit

Add "--exclude" to remove values from results

README.md

@@ -20,6 +20,7 @@ root@kali:~# searchsploit -h
   searchsploit afd windows local
   searchsploit -t oracle windows
   searchsploit -p 39446
+  searchsploit linux kernel 3.2 --exclude="(PoC)|/dos/"
 
   For more examples, see the manual: https://www.exploit-db.com/searchsploit/
 
@@ -41,6 +42,9 @@ root@kali:~# searchsploit -h
        --id                   Display the EDB-ID value rather than local path.
        --nmap     [file.xml]  Checks all results in Nmap's XML output with service version (e.g.: nmap -sV -oX file.xml).
                                 Use "-v" (verbose) to try even more combinations
+       --exclude="term"       Remove values from results. By using "|" to separated you can chain multiple values.
+                                e.g. --exclude="term1|term2|term3".
+
 =======
  Notes
 =======
@@ -50,7 +54,7 @@ root@kali:~# searchsploit -h
    * And/Or '-e' if you wish to filter results by using an exact match.
  * Use '-t' to exclude the file's path to filter the search results.
    * Remove false positives (especially when searching using numbers - i.e. versions).
- * When updating from git or displaying help, search terms will be ignored.
+ * When updating or displaying help, search terms will be ignored.
 
 root@kali:~#
 root@kali:~# searchsploit afd windows local

searchsploit

@@ -1,6 +1,6 @@
 #!/bin/bash
 #       Name: SearchSploit - Exploit-DB's CLI search tool
-#    Version: 3.7.6 (Release date: 2017-06-13)
+#    Version: 3.8 (Release date: 2017-06-14)
 # Written by: Offensive Security, Unix-Ninja, and g0tmi1k
 #   Homepage: https://github.com/offensive-security/exploit-database
 #     Manual: https://www.exploit-db.com/searchsploit/
@@ -9,7 +9,7 @@
 #   Exit code '0' means finished normally
 #   Exit code '1' means something went wrong
 #   Exit code '2' means help screen
-#   Exit code '6' means updated exploitdb package (deb or git)
+#   Exit code '6' means updated exploitdb package (APT or Git)
 
 
 ## OS settings (get the path of where the script is stored + database file)
@@ -40,6 +40,7 @@ XML=0
 COLOUR_TAG=""
 TAGS=""
 SEARCH=""
+EXCLUDE=""
 CASE_TAG_GREP="-i"
 CASE_TAG_FGREP="tolower"
 AWK_SEARCH=""
@@ -60,16 +61,17 @@ LANG=C
 function usage()
 {
   echo "  Usage: ${progname} [options] term1 [term2] ... [termN]"
-  echo
+  echo ""
   echo "=========="
   echo " Examples "
   echo "=========="
   echo "  ${progname} afd windows local"
   echo "  ${progname} -t oracle windows"
   echo "  ${progname} -p 39446"
-  echo
+  echo "  ${progname} linux kernel 3.2 --exclude=\"(PoC)|/dos/\""
+  echo ""
   echo "  For more examples, see the manual: https://www.exploit-db.com/searchsploit/"
-  echo
+  echo ""
   echo "========="
   echo " Options "
   echo "========="
@@ -88,6 +90,9 @@ function usage()
   echo "       --id                   Display the EDB-ID value rather than local path."
   echo "       --nmap     [file.xml]  Checks all results in Nmap's XML output with service version (e.g.: nmap -sV -oX file.xml)."
   echo "                                Use \"-v\" (verbose) to try even more combinations"
+  echo "       --exclude=\"term\"       Remove values from results. By using \"|\" to separated you can chain multiple values."
+  echo "                                e.g. --exclude=\"term1|term2|term3\"."
+  echo ""
   echo "======="
   echo " Notes "
   echo "======="
@@ -97,7 +102,7 @@ function usage()
   echo "   * And/Or '-e' if you wish to filter results by using an exact match."
   echo " * Use '-t' to exclude the file's path to filter the search results."
   echo "   * Remove false positives (especially when searching using numbers - i.e. versions)."
-  echo " * When updating from git or displaying help, search terms will be ignored."
+  echo " * When updating or displaying help, search terms will be ignored."
   echo ""
   exit 2
 }
@@ -120,7 +125,7 @@ function update()
     updatedbrew
   fi
 
-  # Update via git
+  # Update via Git
   updategit
 
   # Done
@@ -131,7 +136,7 @@ function update()
 ## Update database (via .deb/apt)
 function updatedeb()
 {
-  echo -e '[i] Updating via APT package management. Expect weekly-ish updates.\n'
+  echo -e '[i] Updating via APT package management (Expect weekly-ish updates).\n'
 
   sudo apt update \
     || echo -e '\n[-] Issue with apt update (Please check network connectivity & APT SourcesList values).' 1>&2
@@ -153,17 +158,17 @@ function updatedbrew()
   echo -e "\n[*] Brew update finished."
 }
 
-## Update database (via GIT)
+## Update database (via Git)
 function updategit()
 {
-  echo -e '[i] Updating via git. Expect daily updates.\n'
+  echo -e '[i] Updating via Git (Expect daily updates).\n'
 
   ## Make sure we are in the correct folder
   mkdir -p "${gitpath}/" \
     || sudo mkdir -p "${gitpath}/"
   cd "${gitpath}/"
 
-  ## Are we in a git repo?
+  ## Are we in a Git repo?
   if [[ "$( git rev-parse --is-inside-work-tree )" != "true" ]]; then
     if [[ "$( ls )" = "" ]]; then
       # If directory is empty, just clone
@@ -172,9 +177,9 @@ function updategit()
     fi
   fi
 
-  # Is our git remote added? (aka homebrew)
+  # Is our Git remote added? (aka homebrew)
   if [[ "$( git remote -v )" != *"${gitremote}"* ]]; then
-    echo -e '\n[i] Missing git remote:' "${gitremote}"
+    echo -e '\n[i] Missing Git remote:' "${gitremote}"
     git init >/dev/null
     git remote add origin "${gitremote}" 2>/dev/null
   fi
@@ -404,14 +409,14 @@ for param in "$@"; do
     SCASE=1
   elif [[ "${param}" == "--exact" ]]; then
     EXACT=1
-  elif [[ "${param}" == "--examine" ]]; then
+  elif [[ "${param}" == "--examine" ]] || [[ "${param}" == "--open" ]] || [[ "${param}" == "--view" ]]; then
     GETPATH=1
     EXAMINE=1
   elif [[ "${param}" == "--help" ]]; then
     usage >&2
   elif [[ "${param}" == "--json" ]]; then
     JSON=1
-  elif [[ "${param}" == "--mirror" ]]; then
+  elif [[ "${param}" == "--mirror" ]] || [[ "${param}" == "--copy" ]] || [[ "${param}" == "--dup" ]] || [[ "${param}" == "--duplicate" ]]; then
     GETPATH=1
     MIRROR=1
   elif [[ "${param}" == "--overflow" ]]; then
@@ -431,6 +436,8 @@ for param in "$@"; do
     EDBID=1
   elif [[ "${param}" == "--nmap" ]]; then
     XML=1
+  elif [[ "${param}" =~ "--exclude=" ]]; then
+    EXCLUDE="$( echo "${param}" | cut -d '=' -f 2- )"
   elif [[ "${param}" == "--verbose" ]]; then
     VERBOSE=1
   else
@@ -488,7 +495,7 @@ if [[ "${XML}" -eq 1 ]]; then
 
   if ! hash xmllint 2>/dev/null; then
     echo -e '\n[!] Please install xmllint' 1>&2
-    echo -e '[i]   Kali Linux -> apt install -y libxml2-utils' 1>&2
+    echo -e '[i]   Kali Linux -> apt -y install libxml2-utils' 1>&2
     exit 1
   fi
 
@@ -511,8 +518,8 @@ if [[ "${GETPATH}" -eq 1 ]]; then
     edbdb="$( echo ${exploit} | rev | cut -d '/' -f1 | rev | cut -d'.' -f1 | tr -dc '0-9' )"
 
     ## Check files.csv
-    location=$( cut -d, -f2 "${csvpath}" | grep -m 1 -E "/${edbdb}(\..*)?$" )
+    location=$( cut -d ',' -f 2 "${csvpath}" | grep -m 1 -E "/${edbdb}(\..*)?$" )
-    title=$( grep -m 1 "${location}" "${csvpath}" | cut -d, -f3 | sed 's/"//g' )
+    title=$( grep -m 1 "${location}" "${csvpath}" | cut -d ',' -f 3 | sed 's/"//g' )
 
     ## Join paths
     location="${gitpath}/${location}"
@@ -666,6 +673,12 @@ fi
 SEARCH="${SEARCH} | sed 's/\"//g'"
 
 
+## Remove any terms not wanted from the search
+if [[ "${EXCLUDE}" ]]; then
+  SEARCH="${SEARCH} | grep -vEi '${EXCLUDE}'"
+fi
+
+
 ## Magic search Fu
 ## Web link format ("--www")?
 if [[ "${WEBLINK}" -eq 1 ]]; then