vulnerscom / getsploit Goto Github PK

Command line utility for searching and downloading exploits

License: GNU Lesser General Public License v3.0

Python 100.00%

getsploit's Introduction

getsploit

Description

Inspired by searchsploit, it combines two features: command line search and download tool. It allows you to search online for the exploits across all the most popular collections: Exploit-DB, Metasploit, Packetstorm and others. The most powerful feature is immediate exploit source download right in your working path.

Python version

Utility was tested on python2.7, python3.8+ with SQLite FTS4 support. If you have found any bugs, don't hesitate to create an issue

How to use

Install: pip install getsploit

Obtain Vulners API key

Please, register at Vulners website. Go to the personal menu by clicking on your name in the right top corner. Follow "API KEYS" tab. Generate API key with scope "api" and use it with the getsploit.

Search

# pip install getsploit
# getsploit wordpress 4.7.0
Total found exploits: 8
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit%20AND%20wordpress%204.7.0
+----------------------+--------------------------------+----------------------------------------------------+
|          ID          |         Exploit Title          |                        URL                         |
+======================+================================+====================================================+
|  PACKETSTORM:141039  | WordPress 4.7.0 / 4.7.1 Insert | https://vulners.com/packetstorm/PACKETSTORM:141039 |
|                      | PHP Code Injection             |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|     EDB-ID:41308     | WordPress 4.7.0/4.7.1 Plugin   |     https://vulners.com/exploitdb/EDB-ID:41308     |
|                      | Insert PHP - PHP Code          |                                                    |
|                      | Injection                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|     EDB-ID:41223     | WordPress 4.7.0/4.7.1 -        |     https://vulners.com/exploitdb/EDB-ID:41223     |
|                      | Unauthenticated Content        |                                                    |
|                      | Injection (PoC)                |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|  PACKETSTORM:140893  | WordPress 4.7.0 / 4.7.1 REST   | https://vulners.com/packetstorm/PACKETSTORM:140893 |
|                      | API Privilege Escalation       |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|  PACKETSTORM:140902  | WordPress 4.7.0 / 4.7.1        | https://vulners.com/packetstorm/PACKETSTORM:140902 |
|                      | Content Injection / Code       |                                                    |
|                      | Execution                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|  PACKETSTORM:140901  | WordPress 4.7.0 / 4.7.1        | https://vulners.com/packetstorm/PACKETSTORM:140901 |
|                      | Content Injection Proof Of     |                                                    |
|                      | Concept                        |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|     EDB-ID:41224     | WordPress 4.7.0/4.7.1 -        |     https://vulners.com/exploitdb/EDB-ID:41224     |
|                      | Unauthenticated Content        |                                                    |
|                      | Injection Arbitrary Code       |                                                    |
|                      | Execution                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|      SSV-92637       | WordPress REST API content     |        https://vulners.com/seebug/SSV-92637        |
|                      | injection                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+

Save exploit files

# getsploit -m wordpress 4.7.0
Total found exploits: 8
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit%20AND%20wordpress%204.7.0
+----------------------+--------------------------------+----------------------------------------------------+
|          ID          |         Exploit Title          |                        URL                         |
+======================+================================+====================================================+
|  PACKETSTORM:141039  | WordPress 4.7.0 / 4.7.1 Insert | https://vulners.com/packetstorm/PACKETSTORM:141039 |
|                      | PHP Code Injection             |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|     EDB-ID:41308     | WordPress 4.7.0/4.7.1 Plugin   |     https://vulners.com/exploitdb/EDB-ID:41308     |
|                      | Insert PHP - PHP Code          |                                                    |
|                      | Injection                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|     EDB-ID:41223     | WordPress 4.7.0/4.7.1 -        |     https://vulners.com/exploitdb/EDB-ID:41223     |
|                      | Unauthenticated Content        |                                                    |
|                      | Injection (PoC)                |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|  PACKETSTORM:140893  | WordPress 4.7.0 / 4.7.1 REST   | https://vulners.com/packetstorm/PACKETSTORM:140893 |
|                      | API Privilege Escalation       |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|  PACKETSTORM:140902  | WordPress 4.7.0 / 4.7.1        | https://vulners.com/packetstorm/PACKETSTORM:140902 |
|                      | Content Injection / Code       |                                                    |
|                      | Execution                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|  PACKETSTORM:140901  | WordPress 4.7.0 / 4.7.1        | https://vulners.com/packetstorm/PACKETSTORM:140901 |
|                      | Content Injection Proof Of     |                                                    |
|                      | Concept                        |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|     EDB-ID:41224     | WordPress 4.7.0/4.7.1 -        |     https://vulners.com/exploitdb/EDB-ID:41224     |
|                      | Unauthenticated Content        |                                                    |
|                      | Injection Arbitrary Code       |                                                    |
|                      | Execution                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|      SSV-92637       | WordPress REST API content     |        https://vulners.com/seebug/SSV-92637        |
|                      | injection                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+

# ls
LICENSE         README.md       getsploit.py    wordpress-470
# cd wordpress-470
# ls
edb-id41223.txt         edb-id41224.txt         edb-id41308.txt         packetstorm140893.txt   packetstorm140901.txt   packetstorm140902.txt   packetstorm141039.txt   ssv-92637.txt

Local database

If your Python supports sqlite3 lib(builtin) you can use --update and --local commands to download whole exploit database to your PC. After update you can perform local offline searches.

# getsploit --update
Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.
219642496/219642496 [100.00%]
Unpacking database.
Database download complete. Now you may search exploits using --local key './getsploit.py -l wordpress 4.7'

getsploit's People

Contributors

Stargazers

Watchers

Forkers

bbghunter 957204459 0x554simon johnjohnsp1 yas3r pypetey techlord-rce carlos-1216 h1d3r chaojianhu learningandsharing chubbymaggie spnow adolfoeliazat testmyxss420 xeddmc theotherside joinalahmed qzm4u yaofeifly fxfactorial ababook theralfbrown ognz ksmaheshkumar cvega guinslym pmwoodward3 awesome-security weeshlow ch4meleon sebadiaz xqx12 bluebear171 thorkill arnabnandy7 mrmugiwara joinbaijun az0ne jerusalemsbell olivierh59500 waywardsun security-prince daedalus xieqiwen1993 ossecfile kasiviswanathan3876 hoangcuongflp alex-dengx moriarty2016 pombredanne kthemis leerina sn0wdown aptx0 avaudioplayer 2089764 technotrev caineqt rainism ranarag jamalmo linux4sa r007wh04mi puppycodes testtz pinperepette songofhack jijicanyu tobey123 0patch yeeyh owltux therealnixxer integrateddigital secoba pygain11 vankyver kiamgrebgnur hack-the-box shrv mindversal zitryss 4144 yakhira anekrasov 404soul cs24 ahen0910 python2014 conanjun lsh4ck celestial-intelligence sasha2002 yeshuopp123 esc0rtd3w slpw oscommonjs c0axial bwry

getsploit's Issues

Issue with local update

la-la-2:getsploit none$ getsploit --update
Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.
[################################] 276048/427041 - 00:01:35

Unpacking database.
Traceback (most recent call last):
File "/Users/none/.pyenv/versions/3.6.5/bin/getsploit", line 11, in
load_entry_point('getsploit==0.3.3', 'console_scripts', 'getsploit')()
File "/Users/none/.pyenv/versions/3.6.5/lib/python3.6/site-packages/getsploit-0.3.3-py3.6.egg/getsploit/getsploit.py", line 204, in main
vulners_lib.downloadGetsploitDb(os.path.join(DBPATH, "getsplit.db.zip"))
File "/Users/none/.pyenv/versions/3.6.5/lib/python3.6/site-packages/getsploit-0.3.3-py3.6.egg/getsploit/getsploit.py", line 93, in downloadGetsploitDb
zip_ref = zipfile.ZipFile(full_path, 'r')
File "/Users/none/.pyenv/versions/3.6.5/lib/python3.6/zipfile.py", line 1108, in init
self._RealGetContents()
File "/Users/none/.pyenv/versions/3.6.5/lib/python3.6/zipfile.py", line 1175, in _RealGetContents
raise BadZipFile("File is not a zip file")
zipfile.BadZipFile: File is not a zip file

missing git tags for 0.3.1 - 0.3.3

Hi,
can you please push the missing git tags like 0.3.1 - 0.3.3? It would be great to always have a matching tag available.
This would make it easier to potentially package this tool in a distro. thank you very much 🐈

doesn't work

AttributeError: 'sploitVulners' object has no attribute '_Vulners__opener'

Hi,

When I tried to update getsploit database, I got this error:

/usr/local/lib/venvs/getsploit/lib/python3.9/site-packages/vulners/vulners.py:439: DeprecationWarning: Vulners is deprecated and will be removed in future release. Use VulnersApi instead.
  warnings.warn(
Traceback (most recent call last):
  File "/usr/local/bin/getsploit", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/venvs/getsploit/lib/python3.9/site-packages/getsploit/getsploit.py", line 195, in main
    vulners_lib._Vulners__opener.headers.update({'User-Agent': 'Vulners Getsploit %s' % __version__})
AttributeError: 'sploitVulners' object has no attribute '_Vulners__opener'

Any idea ?

An error occurs because "Content-Length" does not exist

My environment is as follows.
Ubuntu : 16.04.3
Python : 2.7.12

    ./getsploit.py -u
    Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.
    Traceback (most recent call last):
        File "./getsploit.py", line 802, in <module>
            main()
        File "./getsploit.py", line 743, in main
            downloadVulnersGetsploitDB(DBPATH)
        File "./getsploit.py", line 648, in downloadVulnersGetsploitDB
            downloadFile(vulnersURL['updateAPI'], archiveFileName, progress_callback=progress_callback_simple)
        File "./getsploit.py", line 619, in downloadFile
            file_size = int(meta.getheaders("Content-Length")[0])
    IndexError: list index out of range

Your SQLite3 library does not support FTS4

python script on mac , full text search sqlite database, tips:Your SQLite3 library does not support FTS4.， recompile sqlite， command "pragma compile_options" shows ENABLED_ FTS4，but python script still shows not support FTS4. Any solution？
system & program version
macos Sierra develop beta3
python 2.7.13
sqlite3 3.19.3

Download error

Hi,
I get the following when issuing the following command: getsploit -u:
is this an error handling routine issue?

Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.
39084032/336659441 [11.61%]Traceback (most recent call last):
File "/usr/local/bin/getsploit", line 11, in
sys.exit(main())
File "/usr/local/lib/python2.7/dist-packages/getsploit/getsploit.py", line 731, in main
downloadVulnersGetsploitDB(DBPATH)
File "/usr/local/lib/python2.7/dist-packages/getsploit/getsploit.py", line 636, in downloadVulnersGetsploitDB
downloadFile(vulnersURL['updateAPI'], archiveFileName, progress_callback=progress_callback_simple)
File "/usr/local/lib/python2.7/dist-packages/getsploit/getsploit.py", line 608, in downloadFile
_download_helper(response,out_file,file_size)
File "/usr/local/lib/python2.7/dist-packages/getsploit/getsploit.py", line 590, in _download_helper
buffer = response.read(block_size)
File "/usr/lib/python2.7/socket.py", line 384, in read
data = self._sock.recv(left)
File "/usr/lib/python2.7/httplib.py", line 597, in read
s = self.fp.read(amt)
File "/usr/lib/python2.7/socket.py", line 384, in read
data = self._sock.recv(left)
File "/usr/lib/python2.7/ssl.py", line 772, in recv
return self.read(buflen)
File "/usr/lib/python2.7/ssl.py", line 659, in read
v = self._sslobj.read(len)
socket.error: [Errno 104] Connection reset by peer

UpdateAPI is broken for a week

UpdateAPI https://vulners.com/api/v3/archive/getsploit/ is returning an empty sqlite database, can you take a look at it?

I'm expecting a ~900M zip file.

getsploit --update failed

I cannot download database using "getsploit --update", the download hangs before 25% (sometimes before 4% !).
I tried from different devices, internet sources...

Any ideas ?

Regards,

API key entry not working

After I enter my API key, this error message always shows up
Traceback (most recent call last): File "$HOME/Library/Python/2.7/bin/getsploit", line 8, in <module> sys.exit(main()) File "$HOME/Library/Python/2.7/lib/python/site-packages/getsploit/getsploit.py", line 189, in main vulners_lib = sploitVulners(api_key=api_key) File "$HOME/Library/Python/2.7/lib/python/site-packages/vulners/api.py", line 120, in __init__ max_retries=retries)

result of getsploit command

Hello,

getsploit -j "CVE-2018-1001"

return exploits for the specific CVE BUT ALSO for other exploits (example return exploit about EURLEROS_SA-2018-1001 that talks about CVE-2018-5715 and not CVE-2018-1001) :-(

Any ideas ?

Regards

Doesn't work - pathname2url Windows compatibility

Breaks on line 664. Not sure what the problem is, whether the weird way you call print() or (more likely) something wrong with pathname2urlHandler(finalQuery).

Win7 Pro 64-bit, Python 2.7.6, sample output:

python getploit.py smb

Total found exploits: 850
Traceback (most recent call last):
  File "getsploit.py", line 672, in <module>
    main()
  File "getsploit.py", line 664, in main
    print("Web-search URL: %s" % 'https://vulners.com/search?query=%s' % pathname2urlHandler(finalQuery))
  File "C:\Python\lib\nturl2path.py", line 58, in pathname2url
    raise IOError, error
IOError: Bad path: bulletinFamily:exploit AND smb

Multiple CVEs failed with cvelist argument

Hello,

We don't have same result when trying to get exploits using following commands:

getsploit -j cvelist:CVE-2019-5521
--> exploit not found. OK
getsploit -j cvelist:CVE-2019-5684
--> exploit not found. OK
but, getsploit -j cvelist:CVE-2019-5521,CVE-2019-5684
--> several exploits found but there is no link between result and CVE Ids given in input.

Any Idea ?

Regards,

os.makedirs "exist_ok" does not exist in Python 2

Hello there,

In its pip package getsploit informs that Python 2 is supported to run it.
But in Python 2 os.makedirs does not have an exist_ok option so it does not work:

New in version 3.2: The exist_ok parameter.

Cheers.

Feature request

Hello,

Is it plan to support local database with 'cvelist' argument ?

Regards,

Please provide a real offline mode

Hello,
Could you provide a real offline mode ?

Because to date, getsploit still needs an Internet connection even with the offline database, as one of the first actions in the script is to call this function which performs a check of the authenticity of the key.

Cheers.

Unicode error

First Thanks for this package!

using: python 3.5.0 on anaconda continuum
I had an issue UnicodeEncodeError: 'charmap' codec can't encode character I couldn't debug it.

~\Documents\GitHub\getsploit [master ≡]> python getsploit.py django
Total found exploits: 41
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit+AND+django
Traceback (most recent call last):
  File "getsploit.py", line 673, in <module>
    main()
  File "getsploit.py", line 670, in main
    print(outputTable.draw())
  File "C:\Users\Jeffrey\Miniconda3\lib\encodings\cp437.py", line 19, in encode
    return codecs.charmap_encode(input,self.errors,encoding_map)[0]
UnicodeEncodeError: 'charmap' codec can't encode character '\uff09' in position 598: character maps to <undefined>

When I add a return (out[:-1]).encode('utf-8') into line 313 the output is not well formatted.

Error if you search for Kernel 4.0.2

Was just random typing. Works fine if I search for Kernel 4.0

Total found exploits: 6
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit+AND+kernel+4.0.2
Traceback (most recent call last):
File "./getsploit.py", line 807, in
main()
File "./getsploit.py", line 801, in main
print(outputTable.draw().decode('ascii', 'ignore'))
UnicodeEncodeError: 'ascii' codec can't encode characters in position 2613-2620: ordinal not in range(128)

[Not critical] Escape spaces when the API key entering

When you first launch latest version of getsploit and enter the API key you can by chance entering spaces and see this output:

linxon@cirno-chan ~/.getsploit $ getsploit 
To use getsploit you need to obtain Vulners API key at https://vulners.com
Please, enter API key:     asd    
Traceback (most recent call last):
  File "/usr/lib/python-exec/python3.6/getsploit", line 11, in <module>
    load_entry_point('getsploit==0.3.2', 'console_scripts', 'getsploit')()
  File "/usr/lib64/python3.6/site-packages/getsploit/getsploit.py", line 145, in main
    vulners_lib = sploitVulners(api_key=api_key)
  File "/usr/lib64/python3.6/site-packages/vulners/api.py", line 102, in __init__
    if api_key and not self.__validKey(api_key):
  File "/usr/lib64/python3.6/site-packages/vulners/api.py", line 199, in __validKey
    return self.vulners_post_request('apiKey', {'keyID':api_key}).get('valid')
AttributeError: 'bytes' object has no attribute 'get'

How do you use the exploit?

After I downloaded some exploits for wordpress how would I use them?

vulnerscom / getsploit Goto Github PK

getsploit's Introduction

getsploit

Description

Python version

How to use

Obtain Vulners API key

Search

Save exploit files

Local database

getsploit's People

Contributors

Stargazers

Watchers

Forkers

getsploit's Issues

getsploit -j "CVE-2018-1001"

sorry for retarded question.

Recommend Projects

Recommend Topics

Recommend Org