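Project URL
Introduction
A command-line search and download tool for the Vulners database, inspired by searchsploit. It lets you search online for exploits across all the most popular collections: Exploit-DB, Metasploit, Packetstorm and others. Its most powerful feature is downloading exploit source code directly into your working path.
Python version support
Tested on python2.6, python2.7 and python3.6 with SQLite FTS4 support.
Installation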
pip install getsploit
┌─[hacker@parrot]─[~]
└──╼ $git clone https://github.com/vulnersCom/getsploit
Cloning into 'getsploit'...
remote: Counting objects: 45, done.
remote: Compressing objects: 100% (32/32), done.
remote: Total 45 (delta 21), reused 37 (delta 13), pack-reused 0
Unpacking objects: 100% (45/45), done.
cd getsploit/
┌─[hacker@parrot]─[~]
└──╼ $ ls
LICENSE README.md getsploit.py
┌─[hacker@parrot]─[~]
└──╼ $./getsploit.py wordpress 4.7.0
Total found exploits: 8
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit+AND+wordpress+4.7.0
+----------------------+--------------------------------+----------------------------------------------------+
| ID | Exploit Title | URL |
+======================+================================+====================================================+
| PACKETSTORM:141039 | WordPress 4.7.0 / 4.7.1 Insert | https://vulners.com/packetstorm/PACKETSTORM:141039 |
| | PHP Code Injection | |
+----------------------+--------------------------------+----------------------------------------------------+
| EDB-ID:41308 | WordPress 4.7.0/4.7.1 Plugin | https://vulners.com/exploitdb/EDB-ID:41308 |
| | Insert PHP - PHP Code | |
| | Injection | |
+----------------------+--------------------------------+----------------------------------------------------+
| PACKETSTORM:140902 | WordPress 4.7.0 / 4.7.1 | https://vulners.com/packetstorm/PACKETSTORM:140902 |
| | Content Injection / Code | |
| | Execution | |
+----------------------+--------------------------------+----------------------------------------------------+
| PACKETSTORM:140893 | WordPress 4.7.0 / 4.7.1 REST | https://vulners.com/packetstorm/PACKETSTORM:140893 |
| | API Privilege Escalation | |
+----------------------+--------------------------------+----------------------------------------------------+
| EDB-ID:41223 | WordPress 4.7.0/4.7.1 - | https://vulners.com/exploitdb/EDB-ID:41223 |
| | Unauthenticated Content | |
| | Injection (PoC) | |
+----------------------+--------------------------------+----------------------------------------------------+
| PACKETSTORM:140901 | WordPress 4.7.0 / 4.7.1 | https://vulners.com/packetstorm/PACKETSTORM:140901 |
| | Content Injection Proof Of | |
| | Concept | |
+----------------------+--------------------------------+----------------------------------------------------+
| EDB-ID:41224 | WordPress 4.7.0/4.7.1 - | https://vulners.com/exploitdb/EDB-ID:41224 |
| | Unauthenticated Content | |
| | Injection Arbitrary Code | |
| | Execution | |
+----------------------+--------------------------------+----------------------------------------------------+
| SSV-92637 | WordPress REST API content | https://vulners.com/seebug/SSV-92637 |
| | injection | |
+----------------------+--------------------------------+----------------------------------------------------+
bash-3.2$ ./getsploit.py windows 10
Total found exploits: 11283
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit+AND+windows+10
+----------------------+--------------------------------+----------------------------------------------------------------------------------------+
| ID | Exploit Title | URL |
+======================+================================+========================================================================================+
| MSF:POST/WINDOWS/GAT | Windows Gather Credential | https://vulners.com/metasploit/MSF:POST/WINDOWS/GATHER/CACHEDUMP |
| HER/CACHEDUMP | Cache Dump | |
+----------------------+--------------------------------+----------------------------------------------------------------------------------------+
| MSF:EXPLOIT/WINDOWS/ | CVE-2017-0143 MS17-010 | https://vulners.com/metasploit/MSF:EXPLOIT/WINDOWS/SMB/MS17_010_ETERNALBLUE |
| SMB/MS17_010_ETERNAL | EternalBlue SMB Remote Windows | |
| BLUE | Kernel Pool Corruption | |
+----------------------+--------------------------------+----------------------------------------------------------------------------------------+
| MSF:EXPLOIT/WINDOWS/ | Windows UAC Protection Bypass | https://vulners.com/metasploit/MSF:EXPLOIT/WINDOWS/LOCAL/BYPASSUAC_FODHELPER |
| LOCAL/BYPASSUAC_FODH | (Via FodHelper Registry Key) | |
| ELPER | | |
+----------------------+--------------------------------+----------------------------------------------------------------------------------------+
| MSF:EXPLOIT/WINDOWS/ | Apple iTunes 10 Extended M3U | https://vulners.com/metasploit/MSF:EXPLOIT/WINDOWS/MISC/ITUNES_EXTM3U_BOF |
| MISC/ITUNES_EXTM3U_B | Stack Buffer Overflow | |
| OF | | |
+----------------------+--------------------------------+----------------------------------------------------------------------------------------+
| MSF:EXPLOIT/WINDOWS/ | CVE-2017-7269 Microsoft IIS | https://vulners.com/metasploit/MSF:EXPLOIT/WINDOWS/IIS/IIS_WEBDAV_SCSTORAGEPATHFROMURL |
| IIS/IIS_WEBDAV_SCSTO | WebDav ScStoragePathFromUrl | |
| RAGEPATHFROMURL | Overflow | |
+----------------------+--------------------------------+----------------------------------------------------------------------------------------+
| MSF:EXPLOIT/WINDOWS/ | CVE-2005-1815 Hummingbird | https://vulners.com/metasploit/MSF:EXPLOIT/WINDOWS/LPD/HUMMINGBIRD_EXCEED |
| LPD/HUMMINGBIRD_EXCE | Connectivity 10 SP5 LPD Buffer | |
| ED | Overflow | |
+----------------------+--------------------------------+----------------------------------------------------------------------------------------+
| MSF:EXPLOIT/WINDOWS/ | Sync Breeze Enterprise GET | https://vulners.com/metasploit/MSF:EXPLOIT/WINDOWS/HTTP/SYNCBREEZE_BOF |
| HTTP/SYNCBREEZE_BOF | Buffer Overflow | |
+----------------------+--------------------------------+----------------------------------------------------------------------------------------+
| MSF:EXPLOIT/WINDOWS/ | CVE-2012-5002 Ricoh DC DL-10 | https://vulners.com/metasploit/MSF:EXPLOIT/WINDOWS/FTP/RICOH_DL_BOF |
| FTP/RICOH_DL_BOF | SR10 FTP USER Command Buffer | |
| | Overflow | |
+----------------------+--------------------------------+----------------------------------------------------------------------------------------+
| MSF:EXPLOIT/WINDOWS/ | VX Search Enterprise GET | https://vulners.com/metasploit/MSF:EXPLOIT/WINDOWS/HTTP/VXSRCHS_BOF |
| HTTP/VXSRCHS_BOF | Buffer Overflow | |
+----------------------+--------------------------------+----------------------------------------------------------------------------------------+
| EDB-ID:41975 | Microsoft Windows 8 / 8.1 / 10 | https://vulners.com/exploitdb/EDB-ID:41975 |
| | / Windows Server / SCEP, | |
| | Microsoft Security Essentials | |
| | - 'MsMpEng' Remotely | |
| | Exploitable Type Confusion | |
+----------------------+--------------------------------+----------------------------------------------------------------------------------------+
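Local database
If your Python supports the sqlite3 lib (built in), you can use the --update and --local commands to download the whole exploit database to your PC. After the update, you can run local offline searches.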
┌─[hacker@parrot]─[~]
└──╼ $./getsploit.py --update
Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.
219642496/219642496 [100.00%]
Unpacking database.
Database download complete. Now you may search exploits using --local key './getsploit.py -l wordpress 4.7'
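A quick way to confirm that the interpreter's built-in sqlite3 module can do the FTS4 full-text search that offline mode depends on. This is an added example, not getsploit's own code: the table name, column names and helper functions are assumptions, and the sample rows are constructed from IDs and titles in the output above.

```python
import sqlite3

# Constructed sample rows: IDs and (shortened) titles taken from the output above.
SAMPLE = [
    ("EDB-ID:41308", "WordPress 4.7.0/4.7.1 Plugin Insert PHP - PHP Code Injection"),
    ("SSV-92637", "WordPress REST API content injection"),
    ("EDB-ID:41975", "Microsoft Windows 8 / 8.1 / 10 / Windows Server / SCEP"),
]

def fts4_available():
    """Return True if this Python's SQLite library can create FTS4 tables."""
    conn = sqlite3.connect(":memory:")
    try:
        conn.execute("CREATE VIRTUAL TABLE probe USING fts4(content)")
        return True
    except sqlite3.OperationalError:  # e.g. "no such module: fts4"
        return False
    finally:
        conn.close()

def build_index(rows):
    """Load rows into an in-memory FTS4 table (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE VIRTUAL TABLE exploits USING fts4(bulletin_id, title)")
    conn.executemany("INSERT INTO exploits(bulletin_id, title) VALUES (?, ?)", rows)
    return conn

def search(conn, terms):
    """Return IDs of rows that contain every term; each term is matched as a phrase."""
    # Quoting makes '4.7.0' a single phrase and keeps FTS operators in user
    # input from being interpreted; embedded double quotes are dropped.
    phrases = ['"%s"' % t.replace('"', " ").strip() for t in terms if t.strip('" ')]
    if not phrases:
        return []
    cur = conn.execute(
        "SELECT bulletin_id FROM exploits WHERE exploits MATCH ? ORDER BY bulletin_id",
        (" ".join(phrases),),
    )
    return [row[0] for row in cur]

if __name__ == "__main__":
    if not fts4_available():
        raise SystemExit("sqlite3 was built without FTS4; local search will not work")
    conn = build_index(SAMPLE)
    print(search(conn, ["wordpress", "4.7.0"]))
    print(search(conn, ["windows", "10"]))
```

If fts4_available() returns False, the interpreter's SQLite library was compiled without FTS3/FTS4 and a different Python build is needed before --update and --local are of any use.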