diff --git a/searchsploit b/searchsploit index 3e4ae7ed5..757606fdb 100755 --- a/searchsploit +++ b/searchsploit @@ -1,22 +1,76 @@ #!/bin/bash # exploitdb CLI search tool +# Version 2 +# Written by Unix-Ninja csvpath=/usr/share/exploitdb/files.csv +progname=`basename $0` +VERBOSE=0 -USAGE="Usage: `basename $0` [term1] [term2] [term3]\nExample: `basename $0` oracle windows local\n\nUse lower case in the search terms; second and third terms are optional.\n`basename $0` will search each line of the csv file left to right so order your search terms accordingly.\n(ie: 'oracle local' will yield better results than 'local oracle')" - -if [ $# -eq 0 ]; then - echo -e $USAGE >&2 - exit 1 +# if files.csv is in the searchsploit path, use that +if [ -f "$( dirname $0 )/files.csv" ]; then + csvpath="$( dirname $0 )/files.csv" fi +# usage info +function usage() +{ + echo "Usage: $progname [options] term1 [term2] ... [termN]" + echo "Example: $progname oracle windows local" + echo + echo "=======" + echo "Options" + echo "=======" + echo + echo " -h, --help Show help screen" + echo " -v By setting verbose output, description lines are allowed to" + echo " overflow their columns" + echo + echo "*NOTES*" + echo "Use any number of search terms you would like (minimum of one)." + echo "Search terms are not case sensitive, and order is irrelevant." + exit 1 +} +if [ $# -eq 0 -o "$1" == "-h" -o "$1" == "--help" ]; then + usage >&2 +fi -echo " Description Path" -echo --------------------------------------------------------------------------- ------------------------- +# dynamically set column widths +COL2=35 +COL1=$(( `tput cols` - $COL2 - 1 )) -awk -F "\"*,\"*" '{printf "%-75s %s\n", $3, $2}' $csvpath | awk 'tolower($0) ~ /'$1'/ && /'$2'/ && /'$3'/' | sed s/platforms// +if [ "$1" == "-v" ]; then + VERBOSE=1 + shift +fi -# You can change the identation on the path by changing the "75" above to something that suits your fancy -# (ie: screen columns) 75 columns seemed a good compromise, a few lines will get truncated, but hey... -# ideas and threats: nuno@freelancesamurai.com, backtrack forums or find me at freenode (sygo). +# print header +printf "%-${COL1}s %s" " Description" +echo " Path" +printf "%0.s-" `eval echo {1..$(( $COL1 + 1 ))}` +echo -n " " +printf "%0.s-" `eval echo {1..$(( $COL2 - 1 ))}` +echo +# create search command +SEARCH="fgrep -i \"$1\" $csvpath" +shift +while (( "$#" )); do + SEARCH="$SEARCH | fgrep -i \"$1\"" + shift +done + +# set LANG variable to avoid illegal byte sequence errors in sed +LANG=C + +# search, format, and print results +if [ "$VERBOSE" -eq 0 ]; then + eval $SEARCH \ + | awk -F "\"*,\"*" '{ printf "%-'$COL1'.'$COL1's | %s\n", $3, $2}' \ + | sed " s/| platforms/| /" +else + eval $SEARCH \ + | awk -F "\"*,\"*" '{ printf "%-'$COL1's | %s\n", $3, $2}' \ + | sed " s/| platforms/| /" +fi +exit 0