View Issue Details

Jump to NotesJump to History
IDProjectCategoryView StatusDate SubmittedLast Update
0000707Kali LinuxQueued Tool Additionpublic2013-11-19 16:272021-05-18 11:02
Reporterunix-ninja Assigned Todookie  
PrioritynormalSeverityminorReproducibilityN/A
Status resolvedResolutionfixed 
Fixed in Version1.0.7 
Summary0000707: searchsploit utility needs moar bass
Description

So, the searchsploit utility ****ed me off a bit, for a few reasons; therefore I decided to rewrite it.
In the new version:

  • Search terms are case-insensitive, so it doesn't matter if you type everything in lowercase anymore
  • Order of search terms doesn't matter, so you can more easily find relevant entries without knowing the order
  • An arbitrary number of search terms are now supported. Why stop at 3? You can now put in 100! (although 3-5 seems to be my sweetspot ;] )
  • The output now automatically resizes itself to your terminal window (no need to mess with script variables)
  • As an added bonus, my bench marks show this version using 2 or 3 search terms runs on average 3x - 4x faster than the original script

I also dropped in some new code for output formatting. By default, it will truncate descriptions to fit in the first output column. However, throw in a "-v" and the descriptions will be allowed to overflow their columns.

That's about all for now. I figured I would throw my script back your way in case you guys wanted to include it in a new release of Kali.
:]

Attached Files
searchsploit-corrected (1,725 bytes)    
#!/bin/bash
# exploitdb CLI search tool
# Version 2
# Written by Unix-Ninja

csvpath=/usr/share/exploitdb/files.csv
progname=`basename $0`
VERBOSE=0

# if files.csv is in the searchsploit path, use that
if [ -f "$( dirname $0 )/files.csv" ]; then
	csvpath="$( dirname $0 )/files.csv"
fi

# usage info
function usage()
{
	echo "Usage: $progname [options] term1 [term2] ... [termN]"
	echo "Example: $progname oracle windows local"
	echo 
	echo "======="
	echo "Options"
	echo "======="
	echo
	echo "  -h, --help   Show help screen" 
	echo "  -v           By setting verbose output, description lines are allowed to"
	echo "               overflow their columns"
	echo
	echo "*NOTES*"
	echo "Use any number of search terms you would like (minimum of one)."
	echo "Search terms are not case sensitive, and order is irrelevant."
	exit 1
}
if [ $# -eq 0 -o "$1" == "-h" -o "$1" == "--help" ]; then
	usage >&2
fi

# dynamically set column widths
COL2=35
COL1=$(( `tput cols` - $COL2 - 1 ))

if [ "$1" == "-v" ]; then
	VERBOSE=1
	shift
fi

# print header
printf "%-${COL1}s %s" " Description"
echo "  Path"
printf "%0.s-" `eval echo {1..$(( $COL1 + 1 ))}`
echo -n " "
printf "%0.s-" `eval echo {1..$(( $COL2 - 1 ))}`
echo

# create search command
SEARCH="fgrep -i \"$1\" $csvpath"
shift
while (( "$#" )); do
  SEARCH="$SEARCH | fgrep -i \"$1\""
  shift
done

# set LANG variable to avoid illegal byte sequence errors in sed
LANG=C

# search, format, and print results
if [ "$VERBOSE" -eq 0 ]; then
	eval $SEARCH \
	| awk -F "\"*,\"*" '{ printf "%-'$COL1'.'$COL1's | %s\n", $3, $2}' \
	| sed "	s/| platforms/| /"
else
	eval $SEARCH \
	| awk -F "\"*,\"*" '{ printf "%-'$COL1's | %s\n", $3, $2}' \
	| sed "	s/| platforms/| /"
fi
exit 0
searchsploit-corrected (1,725 bytes)   

Activities

unix-ninja

unix-ninja

2013-11-20 02:01

reporter   ~0001089

Ugh! Bug on line 67, the -v flag is working in reverse. To fix this, I changed the line to check against 0 instead.
I am attaching the corrected version.
g0tmi1k

g0tmi1k

2014-03-05 16:19

administrator   ~0001596

Related: https://github.com/offensive-security/exploit-database/commit/586abd5b2cb9bf0c827858bf5134e4e83e3a2ee3
dookie

dookie

2014-03-10 17:53

reporter   ~0001602

This has been merged upstream and is now part of the exploitdb package in Kali in exploitdb_03112014-0kali1. It will be in the repos soon.

Thanks for the contribution!

Issue History

Date Modified Username Field Change
2013-11-19 16:27 unix-ninja New Issue
2013-11-19 16:27 unix-ninja File Added: searchsploit
2013-11-20 02:01 unix-ninja Note Added: 0001089
2013-11-20 02:04 unix-ninja File Added: searchsploit-corrected
2013-12-03 17:17 g0tmi1k Category Tool Upgrade => New Tool Requests
2013-12-03 17:17 g0tmi1k Description Updated
2014-01-08 15:20 g0tmi1k File Deleted: searchsploit
2014-03-05 16:19 g0tmi1k Note Added: 0001596
2014-03-10 17:53 dookie Note Added: 0001602
2014-03-10 17:53 dookie Status new => resolved
2014-03-10 17:53 dookie Fixed in Version => 1.0.7
2014-03-10 17:53 dookie Resolution open => fixed
2014-03-10 17:53 dookie Assigned To => dookie
2021-05-18 11:02 g0tmi1k Category New Tool Requests => Queued Tool Addition