Skip to content

Commit

Permalink
Print additional info about the exploit
Browse files Browse the repository at this point in the history
  • Loading branch information
@GamehunterKaan
GamehunterKaan committed Jun 5, 2022
1 parent dfff69c commit 38a5d0b
Showing 1 changed file with 73 additions and 40 deletions.
113 changes: 73 additions & 40 deletions modules/getexploits.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,10 +3,22 @@
from os import mkdir
from modules.color import print_colored, colors, bcolors
from modules.outfile import WriteToFile
from dataclasses import dataclass

printed_software = []

def GetDownloadLink(CVEID, SoftwareName=None):
@dataclass
class ExploitInfo:
Platform : str
PublishDate : str
Type : str
ExploitDBID : int
Author : str
Metasploit : bool
Verified : bool
Link : str

def GetExploitInfo(CVEID):
apiresponse = get(
"https://www.exploit-db.com/search?cve=" + CVEID,
headers={
Expand All @@ -16,14 +28,22 @@ def GetDownloadLink(CVEID, SoftwareName=None):
)
if apiresponse.status_code == 200:
apidata = apiresponse.json()
ExploitLinks = []
ExploitInfos = []
for exploit in apidata['data']:
ExploitLinks.append("https://www.exploit-db.com/download/" + exploit['id'])
if SoftwareName not in printed_software and len(ExploitLinks) > 0:
print(" " * 100, end="\r")
print("\n┌─" + bcolors.yellow + "[ " + SoftwareName + " ]" + bcolors.endc)
printed_software.append(SoftwareName)
return ExploitLinks
Exploit = ExploitInfo(
Platform=exploit['platform_id'],
PublishDate = exploit['date_published'],
Type = exploit['type_id'],
ExploitDBID = int(exploit['id']),
Author = exploit['author']['name'],
Metasploit = exploit['author']['name'] == "Metasploit",
Verified = exploit['verified'] == "1",
Link = "https://www.exploit-db.com/download/" + exploit['id']
)
ExploitInfos.append(Exploit)
return ExploitInfos
else:
return []

def GetExploitContents(ExploitLink):
apiresponse = get(
Expand All @@ -42,50 +62,63 @@ def GetExploitContents(ExploitLink):
return None, None


def GetExploitAsFile(CVEID, SoftwareName):
ExploitLinks = GetDownloadLink(CVEID, SoftwareName)

if len(ExploitLinks) > 0:

print(" " * 100, end="\r") #clear the line
def GetExploitAsFile(vulnerability):
SoftwareName = vulnerability.Software
CVEs = vulnerability.CVEs

print("│\n├─────┤ " + bcolors.red + str(CVEID) + bcolors.endc + "\n│")
for CVE in CVEs:
Exploits = GetExploitInfo(CVE)
if not len(Exploits) > 0:
continue

print(" " * 100, end="\r") #clear the line
print("Downloading exploit for %s (%s)..." % (SoftwareName, CVEID), end="\r")

if not exists("exploits"):
mkdir("exploits")
if not SoftwareName in printed_software:
print("\n\n┌─" + bcolors.yellow + "[ " + SoftwareName + " ]" + bcolors.endc + "\n│")
printed_software.append(SoftwareName)
WriteToFile("\n\n┌─[ %s ]" % SoftwareName)

if not exists("exploits/" + SoftwareName):
mkdir("exploits/" + SoftwareName)
print("│\n├─────┤ " + bcolors.red + str(CVE) + bcolors.endc + "\n│")
WriteToFile("\n├─────┤ " + CVE + "\n│")

if not exists("exploits/" + SoftwareName + "/" + CVEID):
mkdir("exploits/" + SoftwareName + "/" + CVEID)
for exploit in Exploits:

for exploit in ExploitLinks:
contents, filename = GetExploitContents(exploit)
if contents == None or filename == None:
print(" " * 100, end="\r") #clear the line
print("Downloading exploit for %s (%s)..." % (SoftwareName, CVE), end="\r")
content, filename = GetExploitContents(exploit.Link)
if content is None:
continue
print_colored("├────────# exploits/" + SoftwareName + "/" + CVEID + "/" + filename + "\n│", colors.bold)

with open("exploits/" + SoftwareName + "/" + CVEID + "/" + filename, "wb") as ExploitFile:
ExploitFile.write(contents)
ExploitFile.close()
print("├" + "─" * 59)
else:
if not exists("exploits"):
mkdir("exploits")
if not exists("exploits/" + SoftwareName):
mkdir("exploits/" + SoftwareName)
if not exists("exploits/" + SoftwareName + "/" + CVE):
mkdir("exploits/" + SoftwareName + "/" + CVE)

with open("exploits/" + SoftwareName + "/" + CVE + "/" + filename, "wb") as exploitfile:
print(" " * 100, end="\r") #clear the line
print("├──────────# exploits/" + SoftwareName + "/" + CVE + "/" + filename + "\n│")
print("│\t\t" + bcolors.cyan + "Platform: " + bcolors.endc + exploit.Platform)
print("│\t\t" + bcolors.cyan + "Type: " + bcolors.endc + exploit.Type)
print("│\t\t" + bcolors.cyan + "Author: " + bcolors.endc + exploit.Author)
print("│\t\t" + bcolors.cyan + "Date: " + bcolors.endc + exploit.PublishDate)
print("│\t\t" + bcolors.cyan + "Metasploit: " + bcolors.endc + str(exploit.Metasploit))
print("│\t\t" + bcolors.cyan + "Verified: " + bcolors.endc + str(exploit.Verified))
print("│\t\t" + bcolors.cyan + "Link: " + bcolors.endc + exploit.Link + "\n│")
WriteToFile("├──────────# exploits/" + SoftwareName + "/" + CVE + "/" + filename + "\n│")
exploitfile.write(content)
exploitfile.close()
if SoftwareName in printed_software:
print(" " * 100, end="\r")
print("No exploits found for " + CVEID, end="\r")
print("└" + "─" * 59 + "\n")

def GetExploitsFromArray(ExploitsArray, target=None):
print_colored("\n" + "-" * 60, colors.blue)
def GetExploitsFromArray(VulnsArray, target=None):
print_colored("\n" + "" * 60, colors.blue)
if target:
print_colored(("Downloading exploits for %s..." % (target)).center(60), colors.blue)
else:
print_colored("Downloading exploits...".center(60), colors.blue)
print_colored("-" * 60 + "\n", colors.blue)
print_colored("" * 60, colors.blue)
WriteToFile("\nDownloading exploits...")

for exploit in ExploitsArray:
GetExploitAsFile(exploit[1], exploit[0])
for vulnerability in VulnsArray:
GetExploitAsFile(vulnerability)

0 comments on commit 38a5d0b

Please sign in to comment.