andreafioraldi / cve_searchsploit Goto Github PK

View Code? Open in Web Editor NEW

163.0 11.0 52.0 1.94 MB

Search an exploit in the local exploitdb database by its CVE

License: MIT License

Python 100.00%

cve search-exploits exploitdb exploit edb edbid exploit-database searchsploit cve-exploit cve-edb exploit-db

cve_searchsploit's Introduction

CVE SearchSploit

version 1.7

Search an exploit in the local exploitdb database by its CVE.

Here you can get a free cve to exploit-db mapping in json format.

Install

from PyPI

$ pip3 install cve_searchsploit

from GitHub

$ git clone https://github.com/andreafioraldi/cve_searchsploit
$ cd cve_searchsploit
$ python3 setup.py install

Requirements

python3
requests
progressbar2
git

Usage

$ cve_searchsploit [parameters...]

Parameters

<cve> search exploits by a cve
-u update the cve-edbid mapping
-f <file with cve list> search exploits by a cve list file
-n <nessus csv scan file> search exploits by the cve matching with a nessus scan in csv format

As a library

>>> import cve_searchsploit as CS
>>> 
>>> CS.update_db()
Refreshing exploit-database repo with lastest exploits
From https://github.com/offensive-security/exploit-database
 * branch                master     -> FETCH_HEAD
Already up to date.
Refreshing EDBID-CVE mapping
100% (41823 of 41823) |##############| Elapsed Time: 0:00:00 Time:  0:00:00
>>> 
>>> CS.edbid_from_cve("CVE-2019-0708")
[46946, 47120, 47416]
>>> CS.cve_from_edbid(47120)
['CVE-2019-0708']

Cite

If you use this tool in your academic work you can cite it using

@Misc{cve_searchsploit,
  author       = {Andrea Fioraldi},
  howpublished = {GitHub},
  month        = jun,
  title        = {{CVE SearchSploit}},
  year         = {2017},
  url          = {https://github.com/andreafioraldi/cve_searchsploit},
}

cve_searchsploit's People

Contributors

Stargazers

Watchers

cve_searchsploit's Issues

Not able to update the cve-edbid mapping

The repo of offensive security has changed. This is leading to not able to download the required files for updating the cve-edbid mapping.
Older Repo: https://github.com/offensive-security/exploitdb
New Repo: https://gitlab.com/exploit-database/exploitdb

Encoding error when opening files_Exploits.csv

I encountered an encoding error when opening the files_exploits.csv. When opening the current up-to-date csv from the ExploitDB Repo (Commit cbe784b0 from 09.09.2023), I got an UnicodeDecodeError 'charmap' codec can't decode byte 0x9d in position 3767: character maps to <undefined>.

Solution was to change main.py, line 33 to
with open(pdir + "/exploitdb/files_exploits.csv", encoding="utf8") as files:

If the encoding variable was not left out intentionally, maybe add this to the repo? If it was left out intentionally, you can close the issue :)

Doesn't use existing exploitdb database in /opt/exploitdb

when running cve_searchsploit it downloads the whole exploitdb database all over again, despite there being a perfectly good copy in /opt/searchsploit

Not finding latest vulns

When I install and update, it's not able to find the latest vulns such as
"sudo cve_searchsploit cve-2019-0708" even though it exists on exploit-db: https://www.exploit-db.com/exploits/46946
while others work:
"sudo cve_searchsploit CVE-2019-1474"

Use asyncio+aiohttp to improve the update speed

Nice project, but the requests library is to slow...

why clone exploitdb on github ?

on kali linux or parrot os it's has exploitdb from repo, but why this script clone again from github ?

Error in update the cve-edbid mapping

Hi
I used this command to update;
`$ cve_searchsploit -u'

but I got this Error:
`Refreshing exploit-database repo with lastest exploits
From https://github.com/offensive-security/exploit-database

branch master -> FETCH_HEAD
Already up-to-date.
Refreshing EDBID-CVE mapping
100% (41735 of 41735) |###############################################################| Elapsed Time: 0:00:01 Time: 0:00:01
Traceback (most recent call last):
File "/home/majidmc2/.local/bin/cve_searchsploit", line 11, in
sys.exit(main())
File "/home/majidmc2/.local/lib/python3.5/site-packages/cve_searchsploit/main.py", line 230, in main
update_db()
File "/home/majidmc2/.local/lib/python3.5/site-packages/cve_searchsploit/main.py", line 77, in update_db
indexes = locations_of_substring(content, 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-')
File "/home/majidmc2/.local/lib/python3.5/site-packages/cve_searchsploit/main.py", line 55, in locations_of_substring
return recurse([], 0)
File "/home/majidmc2/.local/lib/python3.5/site-packages/cve_searchsploit/main.py", line 50, in recurse
location = string.find(substring, start)
TypeError: a bytes-like object is required, not 'str'`

Issue with CVEs longer then 13 characters

Love the project, super helpful! I noticed that is has problems with extracting CVE #s with more then 13 characters in them (ie CVE-2019-12345). It will only capture the first 13 characters and drop what remains. The issue comes from the main.py script lines 120 and 127, where a CVE of length 13 is hard coded. I fixed this in my instance by creating a function that checks every following character to see if it is still a digit, although, there is probably a more efficient way to do it.

def tillEnd(string, index):
out = index + 1
while (string[out].isdigit()):
out += 1
return out

print ("Refreshing EDBID-CVE mapping")
with progressbar.ProgressBar(max_value=csv_len) as bar:
    for i in range(csv_len):
        edb = tuple(reader[i])[0]
        if edb in data:
            #print "Skipping edb id " + edb
            pass
        else:
            #print "Downloading https://www.exploit-db.com/exploits/" + edb
            content = ""
            while True:
                try:
                    r = requests.get("https://www.exploit-db.com/exploits/" + edb, headers=get_header)
                    content = r.text
                except Exception:
                    time.sleep(10)
                    continue
                finally:
                    break
            used = []
            indexes = locations_of_substring(content, 'https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-')
            for pos in indexes:
                  cve = r.text[pos + len('https://cve.mitre.org/cgi-bin/cvename.cgi?name='): tillEnd(r.text, pos + len('https://cve.mitre.org/cgi-bin/cvename.cgi?name=') + 9)].upper()
                  if cve in used: continue
                  used.append(cve)
                  print ("Found: edbid " + edb + " <---> " + cve)
            data[edb] = used
            indexes = locations_of_substring(content, 'https://nvd.nist.gov/vuln/detail/CVE-')
            for pos in indexes:
                  cve = r.text[pos + len('https://nvd.nist.gov/vuln/detail/'): tillEnd(r.text, pos + len('https://nvd.nist.gov/vuln/detail/') + 9)].upper()

Just wanted to let you know

All exploits downloading

Hello, thank you very much for your work. I noticed that CVE searchploit retrieved via git the entire exploit db repo. On the other hand, unless I am mistaken, all the exploits are therefore loaded on the machine, which would allow an authenticated attacker to execute all the exploits from the machine… I think that the data should be deleted each time and only the CVE <-> EBID match

ERROR - CVE not found.

Hi
I installed this tool but when I used it, I got this error:
ERROR - CVE not found.

My command is:
$ cve_searchsploit 2019-8045