###########################################################
# exploitdb.py
# File that contains code block related to ExploitDB.
# DetExploit (https://github.com/moppoi5168/DetExploit)
# Licensed by GPL License
###########################################################
from termcolor import cprint
import colorama
import configparser
import os
import urllib.request
import report
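def proc_data(cp, langdata):
    """Fetch and parse ExploitDB data when the feature is enabled in the config.

    Args:
        cp: Config object exposing ``get(section, option)``; the options read
            are ``exploitdb.use_exploitdb``, ``exploitdb.vulndata_filename``
            and ``general.do_not_save_vulndata``.
        langdata: Mapping of message keys to localized strings, passed through
            to the download and extraction helpers.

    Returns:
        A ``(vulndata, success)`` tuple. ``vulndata`` is the product-to-version
        dict built by ``parse_vulndata`` and ``success`` is True when that dict
        was produced. When ExploitDB is disabled the result is ``(None, False)``.
    """
    # Bind the result up front: without this, a disabled ExploitDB source
    # reached the return statement with the name unbound (UnboundLocalError).
    exploitdb_vulndata = None
    exploitdb_success = False
    if cp.get('exploitdb', 'use_exploitdb') == 'True':
        download_vulndata(cp, langdata)
        extracted = extract_windows_exploit(cp, langdata)
        exploitdb_vulndata = parse_vulndata(extracted)
        exploitdb_success = exploitdb_vulndata is not None
    if cp.get('general', 'do_not_save_vulndata') == 'True':
        try:
            os.remove(cp.get('exploitdb', 'vulndata_filename'))
        except FileNotFoundError:
            # Nothing was downloaded (source disabled or file already gone);
            # the cleanup goal is met, so this must not abort the scan.
            pass
    return exploitdb_vulndata, exploitdb_success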
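def download_vulndata(cp, langdata):
    """Download the ExploitDB CSV index and save it to the configured file.

    Args:
        cp: Config object exposing ``get(section, option)``; the target path
            is read from ``exploitdb.vulndata_filename``.
        langdata: Mapping of message keys to localized strings.

    Returns:
        0 once the file has been written.

    Raises:
        SystemExit: With status 1 when the download or the write fails, after
            the localized failure message has been printed.
    """
    EXPLOITDB_FILENAME = cp.get('exploitdb', 'vulndata_filename')
    print(langdata['EXPLOITDB_DOWNLOAD_INTRO'])
    # NOTE(review): HTTPS protects the transfer, but the content itself is not
    # checked against any known-good digest or signature, and every detection
    # result depends on it. Also confirm this location still serves current
    # data; the upstream project may have moved.
    url = 'https://github.com/offensive-security/exploitdb/raw/master/files_exploits.csv'
    try:
        # A bounded wait keeps a stalled connection from hanging the scan.
        with urllib.request.urlopen(url, timeout=60) as response:
            mem = response.read()
        if not mem:
            # An empty body would otherwise be saved and reported as success,
            # leaving the scanner with no data to match against.
            raise OSError('empty response body')
        with open(EXPLOITDB_FILENAME, mode='wb') as f:
            f.write(mem)
    except OSError:
        # URLError, HTTPError, timeouts and file-system errors are all OSError
        # subclasses. Previously they escaped as tracebacks and the failure
        # message below could never be shown.
        cprint(langdata['EXPLOITDB_DOWNLOAD_FAILED'], 'red')
        raise SystemExit(1)
    cprint(langdata['EXPLOITDB_DOWNLOAD_SUCCESS'], 'green')
    print('===========================================================')
    return 0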
def extract_windows_exploit(cp, langdata):
    """Return the lines of the saved ExploitDB CSV that mention 'windows'.

    Args:
        cp: Config object exposing ``get(section, option)``; the CSV path is
            read from ``exploitdb.vulndata_filename``.
        langdata: Mapping of message keys to localized strings.

    Returns:
        A list of raw lines (line endings included) containing the substring
        ``'windows'``.
    """
    csv_path = cp.get('exploitdb', 'vulndata_filename')
    print(langdata['EXPLOITDB_EXTRACT_WIN'] + csv_path + '......')
    with open(csv_path, encoding="utf-8_sig") as handle:
        # NOTE(review): this is a case-sensitive substring test on the whole
        # line, so it matches 'windows' in any column, not only a platform
        # field.
        matching_lines = [row for row in handle if 'windows' in row]
    cprint(langdata['EXPLOITDB_EXTRACT_SUCCESS'], 'green')
    print('===========================================================')
    return matching_lines
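def parse_vulndata(data_list):
    """Build a product-name to version mapping from ExploitDB CSV lines.

    The third CSV column is treated as the exploit title. The text before the
    first ``' - '`` is split on spaces: the last word becomes the version and
    the remaining words the product name.

    Args:
        data_list: Iterable of raw CSV lines, one record per item.

    Returns:
        A dict mapping product name to version string. Lines that cannot be
        parsed, have fewer than three columns, or yield no product name are
        skipped.
    """
    import csv  # function-scope so the file's import block stays untouched

    product_dict = {}
    for data in data_list:
        try:
            # Real CSV parsing: a plain split(',') cut quoted titles at their
            # first comma and raised IndexError on short lines.
            row = next(csv.reader([data]), None)
        except csv.Error:
            continue
        if row is None or len(row) < 3:
            continue
        base = row[2].split(' - ')[0]
        baselist = base.split(' ')
        name = ' '.join(baselist[:-1])
        version = baselist[-1]
        if not name:
            # A one-word title gives no product name to look up.
            continue
        # NOTE(review): one version is kept per product, so a later row for
        # the same product replaces the earlier one. Installed software that
        # matches an overwritten version would go unreported.
        product_dict[name] = version
    return product_dict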
def scan(langdata, exploitdb_product_dict, data):
    """Report installed products whose version equals an ExploitDB entry.

    Args:
        langdata: Mapping of message keys to localized strings.
        exploitdb_product_dict: Mapping of product name to version taken from
            ExploitDB.
        data: Mapping of installed product name to installed version.

    Returns:
        A ``(resultdict, count)`` tuple. ``resultdict`` maps each detected
        product name to ``(version, True, False, False, False, level)`` and
        ``count`` is the number of detections.
    """
    separator = '==========================================================='
    detections = {}
    hits = 0
    for product, listed_version in exploitdb_product_dict.items():
        try:
            installed_version = data[product]
        except KeyError:
            # Product is not installed on this machine.
            continue
        # NOTE(review): names and versions must be exactly equal strings for a
        # detection, so formatting differences between the two sources cause
        # misses.
        if installed_version != listed_version:
            continue
        level = report.determine_level('ExploitDB')
        detections[product] = (listed_version, True, False, False, False, level)
        print(separator)
        cprint(langdata['DETECT_ALERT'], 'red')
        cprint(langdata['APP_NAME'] + product + ' >>', 'blue')
        cprint(langdata['APP_VERSION'] + listed_version + ' >>', 'blue')
        cprint(langdata['DETECT_USING_EXPLOITDB'], 'blue')
        cprint(langdata['OBJECT_LEVEL'] + level + ' >>', 'blue')
        print(separator)
        hits += 1
    return detections, hits
if __name__ == '__main__':
    # This module is meant to be imported by DetExploit; when run directly it
    # only prints a notice naming the real entry points.
    colorama.init()
    frame = '======================================================'
    notice_lines = (
        ' ERROR: Direct execution of exploitdb.py detected',
        ' ERROR: Please run the following to run DetExploit.',
        ' ERROR: -> main.py for CUI version',
        ' ERROR: -> gui.py for GUI version',
    )
    print(frame)
    for notice in notice_lines:
        cprint(notice, 'red')
    print(frame)