exploitdbee.py 1.0
Easily search for exploits in BackTrack's exploitdb (files.csv).
Highlights:
Search the exploitdb archive
Case sensitive & insensitive
Change output mode
Automaticlly copy your exploits
Requirements:
python (tested with python 2.7.1 and 2.5.2)
local exploitdb (pre-installed on BackTrack Linux)
Usage:
exploitdbee.py [-c] [-d path]
exploitdbee.py "windows 7" remote
exploitdbee.py -c Microsoft IIS -d /tmp
Options:
--version show program's version number and exit
-h, --help show this help message and exit
-c, --casesensitive switch to casesensitive
-v, --verbose detailed output
-d PATH, --destination=PATH path to copy exploits
Code:
#!/usr/bin/env python # -*- coding: utf-8 -*- # # exploitdbee.py # # Version: 1.0 # # Copyright (C) 2011 novacane novacane[at]dandies[dot]org # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. # import sys import os import re import shutil from getpass import getpass from optparse import OptionParser def main(casesensitive, verbose, exploitpath, *args): exploitdbcsv = "/pentest/exploits/exploitdb/files.csv" if not os.path.isfile(exploitdbcsv): print "ERROR: EXPLOITDB DOESN'T EXIST" sys.exit(1) # Open the exploitdb. try: f = open(exploitdbcsv) except: print "ERROR: CAN'T OPEN EXPLOITDB - FILES.CSV" sys.exit(1) exploitlist = [] # First: Search the exploitdb and save the results to a list. for line in f: if casesensitive: if re.search(re.escape(args[0][0]), line): exploitlist.append(line) elif not casesensitive: if re.search(re.escape(args[0][0]), line, re.I): exploitlist.append(line) # The number of loops is the number of arguments. i = 1 arglen = len(args[0]) # Second: Cleanup the initial list. # Loop through the list and remove all items which don't match the remaining argument(s). if arglen > 1: while True: # Make a copy of the list to iterate over it. for l in exploitlist[:]: if casesensitive: if not re.search(re.escape(args[0][i]), l): exploitlist.remove(l) elif not casesensitive: if not re.search(re.escape(args[0][i]), l, re.I): exploitlist.remove(l) i += 1 if i == arglen: break # Output found exploits. for i in exploitlist: if verbose: print i.strip("\n") else: print i.split(",")[2] + " => " + i.split(",")[1] print "\n" print str(len(exploitlist)) + " EXPLOITS FOUND." f.close() if not exploitpath: sys.exit() # Copy the exploits. while True: try: copyinput = raw_input("Copy exploits to destination? [y/n]: ") if copyinput == "y": if os.path.isdir(exploitpath): try: for i in exploitlist: shutil.copy("/pentest/exploits/exploitdb/" + i.split(",")[1], exploitpath) except: print "ERROR: CAN'T COPY FILES TO DESTINATION" sys.exit(1) else: print "ERROR: DESTINATION DOESN'T EXIST" break elif copyinput == "n": print "BYE" sys.exit() else: print "ERROR: WRONG INPUT" except KeyboardInterrupt: print "\n" sys.exit(1) if __name__ == '__main__': help_message = "\n\t[*] exploitdbee 1.0[*]\n\t[*] by dandies.org[*]\n\n\tTry: exploitdbee.py --help\n" usage = "\n %prog [-c] [-d path] <term1> <term2> <term3> <term...>\n %prog \"windows 7\" remote \ \n %prog -c Microsoft IIS -d /tmp" parser = OptionParser(usage=usage, version="%prog 1.0") parser.add_option("-c", "--casesensitive", action="store_true", dest="casesensitive", help="switch to casesensitive") parser.add_option("-v", "--verbose", action="store_true", dest="verbose", help="detailed output") parser.add_option("-d", "--destination", metavar="PATH", dest="exploitpath", help="path to copy exploits") (options, args) = parser.parse_args() if len(args) == 0: print help_message sys.exit(2) # Default values. if options.exploitpath: exploitpath = options.exploitpath else: exploitpath = "" if options.casesensitive: casesensitive = 1 else: casesensitive = 0 if options.verbose: verbose = 1 else: verbose = 0 main(casesensitive, verbose, exploitpath, args)[Doar userii inregistrati pot vedea linkurile. ]