forked from offensive-security/exploitdb
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsearchsploit
executable file
·156 lines (138 loc) · 3.62 KB
/
searchsploit
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
#!/bin/bash
# exploitdb CLI search tool
# Version 3
# Written by Unix-Ninja
gitremote=https://github.com/offensive-security/exploit-database.git
gitpath=/usr/share/exploitdb
csvpath=${gitpath}/files.csv
progname=`basename $0`
TAGS=
SCASE='-i'
UPDATE=0
VERBOSE=0
# NOTE:
# Exit code 0 means finished normally
# Exit code 6 means updated from github
# if files.csv is in the searchsploit path, use that
if [ -f "$( dirname $0 )/files.csv" ]; then
csvpath="$( dirname $0 )/files.csv"
fi
# usage info
function usage()
{
echo "Usage: $progname [options] term1 [term2] ... [termN]"
echo "Example: $progname oracle windows local"
echo
echo "========="
echo " Options "
echo "========="
echo " -c Perform case-sensitive searches; by default, searches will"
echo " try to be greedy"
echo " -h, --help Show help screen"
echo " -u Update db from git"
echo " -v By setting verbose output, description lines are allowed to"
echo " overflow their columns"
echo
echo "======="
echo " NOTES "
echo "======="
echo " * Use any number of search terms you would like (minimum: 1)"
echo " * Search terms are not case sensitive, and order is irrelevant"
echo " * When updating from git, searches will be ignored"
exit 1
}
# dynamically set column widths
COL2=35
COL1=$(( `tput cols` - $COL2 - 1 ))
# check for empty args
if [ $# -eq 0 ]; then
usage >&2
fi
# parse long arguments
ARGS="-"
for param in $@; do
if [ "$param" == "--help" ]; then
usage >&2
else
if [ "${param:0:1}" == "-" ]; then
ARGS=$ARGS${param:1}
shift
continue
fi
TAGS="$TAGS $param"
fi
done
# parse short arguments
while getopts "chuv" arg $ARGS; do
if [ "$arg" = "?" ]; then
usage >&2;
fi
case $arg in
c) SCASE='';;
h) usage >&2;;
u) UPDATE=1;;
v) VERBOSE=1;;
esac
shift $((OPTIND-1))
done
# was an update requested?
if [ "$UPDATE" -eq 1 ]; then
cd $gitpath
# make sure a git repo is init before updating
if [ "$(git rev-parse --is-inside-work-tree)" != "true" ]; then
if [ "$(ls)" = "" ]; then
#if directory is empty, just clone
git clone $gitremote .
else
# if not empty, init and add remote
git init > /dev/null
git remote add origin $gitremote
fi
fi
# make sure to prep checkout first
git checkout -- .
# update from github
git pull origin master
# if conflicts, clean and try again
if [ "$?" -ne 0 ]; then
git clean -d -fx ""
git pull origin master
fi
echo "Update finished."
exit 6
fi
# print header
printf "%0.s-" `eval echo {1..$(( $COL1 + 1 ))}`
echo -n " "
printf "%0.s-" `eval echo {1..$(( $COL2 - 1 ))}`
printf "%-${COL1}s %s" " Description"
echo "| Path"
printf "%0.s-" `eval echo {1..$(( $COL1 + 1 ))}`
echo -n " "
printf "%0.s-" `eval echo {1..$(( $COL2 - 1 ))}`
echo
# create search command
SEARCH=
for tag in $TAGS; do
if [ "$SEARCH" ]; then
SEARCH="$SEARCH |"
fi
SEARCH="$SEARCH fgrep $SCASE \"$tag\""
done
# set LANG variable to avoid illegal byte sequence errors in sed
LANG=C
# search, format, and print results
if [ "$VERBOSE" -eq 0 ]; then
FORMAT=$COL1'.'$COL1
else
FORMAT=$COL1
fi
cat $csvpath \
| eval $SEARCH \
| awk -F "\"*,\"*" '{ printf "%-'$FORMAT's | %s\n", $3, $2}' \
| sed " s/| platforms/| /" \
| eval $SEARCH
printf "%0.s-" `eval echo {1..$(( $COL1 + 1 ))}`
echo -n " "
printf "%0.s-" `eval echo {1..$(( $COL2 - 1 ))}`
exit 0