From 416e040a9895fac6de4534359865d553ff1fd526 Mon Sep 17 00:00:00 2001 From: Joe Shenouda Date: Sat, 11 Mar 2023 12:53:55 +0100 Subject: [PATCH] Search by vendor name and software version Option added to search by vendor name and software version --- getsploit/getsploit.py | 58 ++++++++++++++++++++++++++---------------- 1 file changed, 36 insertions(+), 22 deletions(-) diff --git a/getsploit/getsploit.py b/getsploit/getsploit.py index 158f938..126674f 100755 --- a/getsploit/getsploit.py +++ b/getsploit/getsploit.py @@ -58,26 +58,35 @@ class sploitVulners(vulners.Vulners): 'searchsploitdb': "/api/v3/archive/getsploit/" } - def searchExploit(self, query, lookup_fields=None, limit=500, offset=0, fields=None): - - if lookup_fields: - if not isinstance(lookup_fields, (list, set, tuple)) or not all(isinstance(item, string_types) for item in lookup_fields): - raise TypeError('lookup_fields list is expected to be a list of strings') - searchQuery = "bulletinFamily:exploit AND (%s)" % " OR ".join( - "%s:\"%s\"" % (lField, query) for lField in lookup_fields) - else: - searchQuery = "bulletinFamily:exploit AND %s" % query +def searchExploit(self, query, lookup_fields=None, limit=500, offset=0, fields=None, vuln_type='exploit'): + """ + Search exploit in vulners database by query string and lookup fields + :param query: string to search + :param lookup_fields: search in this fields only + :param limit: limit number of results + :param offset: offset results + :param fields: additional fields to fetch + :param vuln_type: type of vulnerability to search (exploit or vulnerability) + :return: search query and list of exploits + """ + if lookup_fields: + if not isinstance(lookup_fields, (list, set, tuple)) or not all(isinstance(item, string_types) for item in lookup_fields): + raise TypeError('lookup_fields list is expected to be a list of strings') + searchQuery = "bulletinFamily:%s AND (%s)" % (vuln_type, " OR ".join( + "%s:\"%s\"" % (lField, query) for lField in lookup_fields)) + else: + searchQuery = "bulletinFamily:%s AND %s" % (vuln_type, query) - total_bulletins = limit or self._Vulners__search(searchQuery, 0, 0, ['id']).get('total') - total = 0 - dataDocs = [] + total_bulletins = limit or self._Vulners__search(searchQuery, 0, 0, ['id']).get('total') + total = 0 + dataDocs = [] - for skip in range(offset, total_bulletins, min(self.search_size, limit or self.search_size)): - results = self._Vulners__search(searchQuery, skip, min(self.search_size, limit or self.search_size), fields or self.default_fields + ['sourceData']) - total = max(results.get('total'), total) - for element in results.get('search'): - dataDocs.append(element.get('_source')) - return searchQuery, dataDocs + for skip in range(offset, total_bulletins, min(self.search_size, limit or self.search_size)): + results = self._Vulners__search(searchQuery, skip, min(self.search_size, limit or self.search_size), fields or self.default_fields + ['sourceData']) + total = max(results.get('total'), total) + for element in results.get('search'): + dataDocs.append(element.get('_source')) + return searchQuery, dataDocs def downloadGetsploitDb(self, full_path): print("Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.") @@ -161,11 +170,16 @@ def main(): help='Mirror (aka copies) search result exploit files to the subdirectory with your search query name.') addArgumentCall('-c', '--count', nargs=1, type=int, default=10, help='Search limit. Default 10.') + addArgumentCall('-v', '--vendor', metavar='vendor', type=str, + help='Search for exploits by vendor name.') + addArgumentCall('-s', '--version', metavar='version', type=str, + help='Search for exploits by software version.') + if LOCAL_SEARCH_AVAILABLE: - addArgumentCall('-l', '--local', action='store_true', - help='Perform search in the local database instead of searching online.') - addArgumentCall('-u', '--update', action='store_true', - help='Update getsploit.db database. Will be downloaded in the script path.') + addArgumentCall('-l', '--local', action='store_true', + help='Perform search in the local database instead of searching online.') + addArgumentCall('-u', '--update', action='store_true', + help='Update getsploit.db database. Will be downloaded in the script path.') if six.PY2: options = parser.parse_args()