
getsploit's Introduction

getsploit


Description

Inspired by searchsploit, getsploit combines two features: a command-line search tool and a download tool. It lets you search online for exploits across the most popular collections: Exploit-DB, Metasploit, Packetstorm and others. Its most powerful feature is immediate download of the exploit source straight into your working path.

Python version

The utility was tested on python2.7 and python3.8+ with SQLite FTS4 support. If you find any bugs, don't hesitate to create an issue.

How to use

Install: pip install getsploit

Obtain Vulners API key

Please register at the Vulners website. Open the personal menu by clicking on your name in the top right corner and follow the "API KEYS" tab. Generate an API key with scope "api" and use it with getsploit.

Search

# pip install getsploit
# getsploit wordpress 4.7.0
Total found exploits: 8
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit%20AND%20wordpress%204.7.0
+----------------------+--------------------------------+----------------------------------------------------+
|          ID          |         Exploit Title          |                        URL                         |
+======================+================================+====================================================+
|  PACKETSTORM:141039  | WordPress 4.7.0 / 4.7.1 Insert | https://vulners.com/packetstorm/PACKETSTORM:141039 |
|                      | PHP Code Injection             |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|     EDB-ID:41308     | WordPress 4.7.0/4.7.1 Plugin   |     https://vulners.com/exploitdb/EDB-ID:41308     |
|                      | Insert PHP - PHP Code          |                                                    |
|                      | Injection                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|     EDB-ID:41223     | WordPress 4.7.0/4.7.1 -        |     https://vulners.com/exploitdb/EDB-ID:41223     |
|                      | Unauthenticated Content        |                                                    |
|                      | Injection (PoC)                |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|  PACKETSTORM:140893  | WordPress 4.7.0 / 4.7.1 REST   | https://vulners.com/packetstorm/PACKETSTORM:140893 |
|                      | API Privilege Escalation       |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|  PACKETSTORM:140902  | WordPress 4.7.0 / 4.7.1        | https://vulners.com/packetstorm/PACKETSTORM:140902 |
|                      | Content Injection / Code       |                                                    |
|                      | Execution                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|  PACKETSTORM:140901  | WordPress 4.7.0 / 4.7.1        | https://vulners.com/packetstorm/PACKETSTORM:140901 |
|                      | Content Injection Proof Of     |                                                    |
|                      | Concept                        |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|     EDB-ID:41224     | WordPress 4.7.0/4.7.1 -        |     https://vulners.com/exploitdb/EDB-ID:41224     |
|                      | Unauthenticated Content        |                                                    |
|                      | Injection Arbitrary Code       |                                                    |
|                      | Execution                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|      SSV-92637       | WordPress REST API content     |        https://vulners.com/seebug/SSV-92637        |
|                      | injection                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+

Save exploit files

# getsploit -m wordpress 4.7.0
Total found exploits: 8
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit%20AND%20wordpress%204.7.0
+----------------------+--------------------------------+----------------------------------------------------+
|          ID          |         Exploit Title          |                        URL                         |
+======================+================================+====================================================+
|  PACKETSTORM:141039  | WordPress 4.7.0 / 4.7.1 Insert | https://vulners.com/packetstorm/PACKETSTORM:141039 |
|                      | PHP Code Injection             |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|     EDB-ID:41308     | WordPress 4.7.0/4.7.1 Plugin   |     https://vulners.com/exploitdb/EDB-ID:41308     |
|                      | Insert PHP - PHP Code          |                                                    |
|                      | Injection                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|     EDB-ID:41223     | WordPress 4.7.0/4.7.1 -        |     https://vulners.com/exploitdb/EDB-ID:41223     |
|                      | Unauthenticated Content        |                                                    |
|                      | Injection (PoC)                |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|  PACKETSTORM:140893  | WordPress 4.7.0 / 4.7.1 REST   | https://vulners.com/packetstorm/PACKETSTORM:140893 |
|                      | API Privilege Escalation       |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|  PACKETSTORM:140902  | WordPress 4.7.0 / 4.7.1        | https://vulners.com/packetstorm/PACKETSTORM:140902 |
|                      | Content Injection / Code       |                                                    |
|                      | Execution                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|  PACKETSTORM:140901  | WordPress 4.7.0 / 4.7.1        | https://vulners.com/packetstorm/PACKETSTORM:140901 |
|                      | Content Injection Proof Of     |                                                    |
|                      | Concept                        |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|     EDB-ID:41224     | WordPress 4.7.0/4.7.1 -        |     https://vulners.com/exploitdb/EDB-ID:41224     |
|                      | Unauthenticated Content        |                                                    |
|                      | Injection Arbitrary Code       |                                                    |
|                      | Execution                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+
|      SSV-92637       | WordPress REST API content     |        https://vulners.com/seebug/SSV-92637        |
|                      | injection                      |                                                    |
+----------------------+--------------------------------+----------------------------------------------------+

# ls
LICENSE         README.md       getsploit.py    wordpress-470
# cd wordpress-470
# ls
edb-id41223.txt         edb-id41224.txt         edb-id41308.txt         packetstorm140893.txt   packetstorm140901.txt   packetstorm140902.txt   packetstorm141039.txt   ssv-92637.txt

Local database

If your Python supports the built-in sqlite3 library, you can use the --update and --local commands to download the whole exploit database to your PC. After the update you can perform local offline searches.

# getsploit --update
Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.
219642496/219642496 [100.00%]
Unpacking database.
Database download complete. Now you may search exploits using --local key './getsploit.py -l wordpress 4.7'
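The local mode depends on FTS4 being available in the SQLite library that the Python interpreter itself links, which can differ from the sqlite3 command-line binary installed on the same machine. The probe below is an added example, not getsploit's code: it reports the linked SQLite version and FTS compile options, then proves FTS4 works by running a full-text query. The function name, the two-column table and the third sample row are assumptions made for the illustration.

```python
import sqlite3

# Titles copied from the search output above; the last row and the two-column
# table layout are constructed for this probe (not getsploit's real schema).
SAMPLE_ROWS = [
    ("EDB-ID:41223", "WordPress 4.7.0/4.7.1 - Unauthenticated Content Injection (PoC)"),
    ("PACKETSTORM:140893", "WordPress 4.7.0 / 4.7.1 REST API Privilege Escalation"),
    ("EXAMPLE:0001", "Constructed entry about an unrelated product"),
]


def probe_fts4(query="wordpress injection"):
    """Report whether the SQLite library linked into this Python can use FTS4."""
    conn = sqlite3.connect(":memory:")
    try:
        # Options of the library Python actually loaded, not of the sqlite3 CLI.
        options = [row[0] for row in conn.execute("PRAGMA compile_options")]
        report = {
            "sqlite_version": sqlite3.sqlite_version,
            "fts_options": sorted(o for o in options if "FTS" in o),
            "fts4_usable": False,
            "sample_hits": [],
        }
        try:
            # The authoritative test: creating the virtual table either works or not.
            conn.execute("CREATE VIRTUAL TABLE probe USING fts4(id, title)")
        except sqlite3.OperationalError as exc:
            report["error"] = str(exc)  # typically "no such module: fts4"
            return report
        conn.executemany("INSERT INTO probe (id, title) VALUES (?, ?)", SAMPLE_ROWS)
        # Terms in an FTS query are ANDed: both words must occur in the title.
        rows = conn.execute(
            "SELECT id FROM probe WHERE title MATCH ? ORDER BY id", (query,)
        )
        report["sample_hits"] = [r[0] for r in rows]
        report["fts4_usable"] = True
        return report
    finally:
        conn.close()


if __name__ == "__main__":
    for key, value in probe_fts4().items():
        print("%-15s %s" % (key, value))
```

Run it with the same interpreter that runs getsploit (the same virtualenv or pyenv version), since each interpreter can be linked against a different SQLite build.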

getsploit's Issues

Issue with local update

la-la-2:getsploit none$ getsploit --update
Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.
[################################] 276048/427041 - 00:01:35

Unpacking database.
Traceback (most recent call last):
File "/Users/none/.pyenv/versions/3.6.5/bin/getsploit", line 11, in
load_entry_point('getsploit==0.3.3', 'console_scripts', 'getsploit')()
File "/Users/none/.pyenv/versions/3.6.5/lib/python3.6/site-packages/getsploit-0.3.3-py3.6.egg/getsploit/getsploit.py", line 204, in main
vulners_lib.downloadGetsploitDb(os.path.join(DBPATH, "getsplit.db.zip"))
File "/Users/none/.pyenv/versions/3.6.5/lib/python3.6/site-packages/getsploit-0.3.3-py3.6.egg/getsploit/getsploit.py", line 93, in downloadGetsploitDb
zip_ref = zipfile.ZipFile(full_path, 'r')
File "/Users/none/.pyenv/versions/3.6.5/lib/python3.6/zipfile.py", line 1108, in init
self._RealGetContents()
File "/Users/none/.pyenv/versions/3.6.5/lib/python3.6/zipfile.py", line 1175, in _RealGetContents
raise BadZipFile("File is not a zip file")
zipfile.BadZipFile: File is not a zip file

missing git tags for 0.3.1 - 0.3.3

Hi,
can you please push the missing git tags like 0.3.1 - 0.3.3? It would be great to always have a matching tag available.
This would make it easier to potentially package this tool in a distro. thank you very much 🐈

AttributeError: 'sploitVulners' object has no attribute '_Vulners__opener'

Hi,

When I tried to update getsploit database, I got this error:

/usr/local/lib/venvs/getsploit/lib/python3.9/site-packages/vulners/vulners.py:439: DeprecationWarning: Vulners is deprecated and will be removed in future release. Use VulnersApi instead.
  warnings.warn(
Traceback (most recent call last):
  File "/usr/local/bin/getsploit", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/venvs/getsploit/lib/python3.9/site-packages/getsploit/getsploit.py", line 195, in main
    vulners_lib._Vulners__opener.headers.update({'User-Agent': 'Vulners Getsploit %s' % __version__})
AttributeError: 'sploitVulners' object has no attribute '_Vulners__opener'

Any idea?

An error occurs because "Content-Length" does not exist

My environment is as follows.
Ubuntu : 16.04.3
Python : 2.7.12

    ./getsploit.py -u
    Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.
    Traceback (most recent call last):
        File "./getsploit.py", line 802, in <module>
            main()
        File "./getsploit.py", line 743, in main
            downloadVulnersGetsploitDB(DBPATH)
        File "./getsploit.py", line 648, in downloadVulnersGetsploitDB
            downloadFile(vulnersURL['updateAPI'], archiveFileName, progress_callback=progress_callback_simple)
        File "./getsploit.py", line 619, in downloadFile
            file_size = int(meta.getheaders("Content-Length")[0])
    IndexError: list index out of range

Your SQLite3 library does not support FTS4

Python script on Mac, full-text search SQLite database, tips: "Your SQLite3 library does not support FTS4." Recompiled sqlite; the command "pragma compile_options" shows ENABLED_ FTS4, but the Python script still shows FTS4 as not supported. Any solution?
system & program version
macos Sierra develop beta3
python 2.7.13
sqlite3 3.19.3

Download error

Hi,
I get the following when issuing the following command: getsploit -u:
is this an error handling routine issue?

Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.
39084032/336659441 [11.61%]Traceback (most recent call last):
File "/usr/local/bin/getsploit", line 11, in
sys.exit(main())
File "/usr/local/lib/python2.7/dist-packages/getsploit/getsploit.py", line 731, in main
downloadVulnersGetsploitDB(DBPATH)
File "/usr/local/lib/python2.7/dist-packages/getsploit/getsploit.py", line 636, in downloadVulnersGetsploitDB
downloadFile(vulnersURL['updateAPI'], archiveFileName, progress_callback=progress_callback_simple)
File "/usr/local/lib/python2.7/dist-packages/getsploit/getsploit.py", line 608, in downloadFile
_download_helper(response,out_file,file_size)
File "/usr/local/lib/python2.7/dist-packages/getsploit/getsploit.py", line 590, in _download_helper
buffer = response.read(block_size)
File "/usr/lib/python2.7/socket.py", line 384, in read
data = self._sock.recv(left)
File "/usr/lib/python2.7/httplib.py", line 597, in read
s = self.fp.read(amt)
File "/usr/lib/python2.7/socket.py", line 384, in read
data = self._sock.recv(left)
File "/usr/lib/python2.7/ssl.py", line 772, in recv
return self.read(buflen)
File "/usr/lib/python2.7/ssl.py", line 659, in read
v = self._sslobj.read(len)
socket.error: [Errno 104] Connection reset by peer
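The update failures reported above (a response without Content-Length, a partial download handed to zipfile, and a connection reset mid-transfer) share one remedy: treat the length header as optional and verify the archive before it is unpacked or published. The sketch below is an added example for Python 3, not getsploit's code; `fetch_archive`, `DownloadError`, `demo` and the payloads are constructed for illustration, and `response` stands for any object with a `read()` method.

```python
import io
import os
import tempfile
import zipfile


class DownloadError(Exception):
    """The archive is incomplete or is not a usable zip file."""


def fetch_archive(response, headers, dest_path, block_size=8192):
    """Stream response to dest_path and verify it before it is ever unpacked."""
    # Content-Length is optional (chunked responses omit it), so do not index it.
    raw = headers.get("Content-Length")
    expected = int(raw) if raw and raw.isdigit() else None
    tmp_path = dest_path + ".part"
    received = 0
    try:
        with open(tmp_path, "wb") as out:
            while True:
                chunk = response.read(block_size)
                if not chunk:
                    break
                out.write(chunk)
                received += len(chunk)
        if expected is not None and received != expected:
            raise DownloadError("truncated: %d of %d bytes" % (received, expected))
        # A cut-off zip has lost its end-of-central-directory record.
        if not zipfile.is_zipfile(tmp_path):
            raise DownloadError("not a zip archive")
        with zipfile.ZipFile(tmp_path) as archive:
            damaged = archive.testzip()  # CRC check of every member
        if damaged is not None:
            raise DownloadError("CRC mismatch in member %s" % damaged)
    except (OSError, zipfile.BadZipFile, DownloadError) as exc:
        if os.path.exists(tmp_path):
            os.remove(tmp_path)  # never leave a half-written file behind
        raise DownloadError(str(exc))
    os.replace(tmp_path, dest_path)  # publish only a verified archive
    return received


def demo():
    """Run the checks over constructed payloads; returns the outcome per case."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("sample.db", b"constructed sample data " * 200)
    good = buf.getvalue()
    half = good[: len(good) // 2]
    cases = {
        "complete_no_length": (good, {}),
        "complete_with_length": (good, {"Content-Length": str(len(good))}),
        "reset_mid_transfer": (half, {"Content-Length": str(len(good))}),
        "truncated_no_length": (half, {}),
        "html_error_page": (b"<html>503</html>", {}),
    }
    results = {}
    workdir = tempfile.mkdtemp()
    for name, (body, headers) in cases.items():
        try:
            fetch_archive(io.BytesIO(body), headers, os.path.join(workdir, name + ".zip"))
            results[name] = "ok"
        except DownloadError as exc:
            results[name] = str(exc)
    return results
```

Because the file is renamed into place only after the checks pass, a failed update leaves any previously downloaded database untouched.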

getsploit --update failed

I cannot download database using "getsploit --update", the download hangs before 25% (sometimes before 4% !).
I tried from different devices, internet sources...

Any ideas?

Regards,

API key entry not working

After I enter my API key, this error message always shows up
Traceback (most recent call last):
  File "$HOME/Library/Python/2.7/bin/getsploit", line 8, in <module>
    sys.exit(main())
  File "$HOME/Library/Python/2.7/lib/python/site-packages/getsploit/getsploit.py", line 189, in main
    vulners_lib = sploitVulners(api_key=api_key)
  File "$HOME/Library/Python/2.7/lib/python/site-packages/vulners/api.py", line 120, in __init__
    max_retries=retries)

Doesn't work - pathname2url Windows compatibility

Breaks on line 664. Not sure what the problem is, whether the weird way you call print() or (more likely) something wrong with pathname2urlHandler(finalQuery).

Win7 Pro 64-bit, Python 2.7.6, sample output:

python getploit.py smb

Total found exploits: 850
Traceback (most recent call last):
  File "getsploit.py", line 672, in <module>
    main()
  File "getsploit.py", line 664, in main
    print("Web-search URL: %s" % 'https://vulners.com/search?query=%s' % pathname2urlHandler(finalQuery))
  File "C:\Python\lib\nturl2path.py", line 58, in pathname2url
    raise IOError, error
IOError: Bad path: bulletinFamily:exploit AND smb

Feature request

Hello,

Is it planned to support the local database with the 'cvelist' argument?

Regards,

Please provide a real offline mode

Hello,
Could you provide a real offline mode?

Because to date, getsploit still needs an Internet connection even with the offline database, as one of the first actions in the script is to call this function which performs a check of the authenticity of the key.

Cheers.

Unicode error

First, thanks for this package!

Using: Python 3.5.0 on Anaconda Continuum.
I had an issue, UnicodeEncodeError: 'charmap' codec can't encode character, that I couldn't debug.

~\Documents\GitHub\getsploit [master ≡]> python getsploit.py django
Total found exploits: 41
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit+AND+django
Traceback (most recent call last):
  File "getsploit.py", line 673, in <module>
    main()
  File "getsploit.py", line 670, in main
    print(outputTable.draw())
  File "C:\Users\Jeffrey\Miniconda3\lib\encodings\cp437.py", line 19, in encode
    return codecs.charmap_encode(input,self.errors,encoding_map)[0]
UnicodeEncodeError: 'charmap' codec can't encode character '\uff09' in position 598: character maps to <undefined>

When I add a return (out[:-1]).encode('utf-8') into line 313 the output is not well formatted.

[Not critical] Escape spaces when entering the API key

When you first launch the latest version of getsploit and enter the API key, you can accidentally enter spaces and see this output:

linxon@cirno-chan ~/.getsploit $ getsploit 
To use getsploit you need to obtain Vulners API key at https://vulners.com
Please, enter API key:     asd    
Traceback (most recent call last):
  File "/usr/lib/python-exec/python3.6/getsploit", line 11, in <module>
    load_entry_point('getsploit==0.3.2', 'console_scripts', 'getsploit')()
  File "/usr/lib64/python3.6/site-packages/getsploit/getsploit.py", line 145, in main
    vulners_lib = sploitVulners(api_key=api_key)
  File "/usr/lib64/python3.6/site-packages/vulners/api.py", line 102, in __init__
    if api_key and not self.__validKey(api_key):
  File "/usr/lib64/python3.6/site-packages/vulners/api.py", line 199, in __validKey
    return self.vulners_post_request('apiKey', {'keyID':api_key}).get('valid')
AttributeError: 'bytes' object has no attribute 'get'
