Monday, December 23, 2013

Findsploit Script


#!/bin/bash
# Findsploit 20131223 by 1N3
#
#      `7MN.   `7MF'       
# __,    MMN.    M         
#`7MM    M YMb   M  pd""b. 
#  MM    M  `MN. M (O)  `8b
#  MM    M   `MM.M      ,89
#  MM    M     YMM    ""Yb.
#.JMML..JML.    YM       88
#                  (O)  .M'
#                   bmmmd' 
#                          
#
#
# ABOUT
# Finsploit is a simple bash script to quickly and easily search both local and online exploit databases. Currently searches Metasploit, Exploit-db, Google, CVE's, SecurityFocus, 1337day and OSVDB.

# REQUIREMENTS
# This script relies on exploitdb's searchsploit script and files in /pentest/exploits/exploitdb

# INSTALLATION
# 1. Copy the script to /usr/bin
# 2. Run chmod +rx /usr/bin/findsploit
# 3. To run, type findsploit <name of product> <version> <local/remote>

clear

VAR1=$1;
VAR2=$2;
VAR3=$3;

if [ -z "$1" ];
then
        echo "(--==== findsploit by nonXero ====---)"
        echo "(--==== Usage: findsploit windows xp remote, etc. ====--)"
        echo "(--==== http://treadstonesecurity.blogspot.com ====--)"
        exit;
else
        echo "(--==== findsploit by nonXero ====---)"
        echo "(--==== http://treadstonesecurity.blogspot.com ====--)"
        echo ""
        echo "(--==== METASPLOIT EXPLOITS"
        echo ""
        egrep -i "$VAR1" /opt/metasploit/apps/pro/msf3/modules/exploits/* -R | grep "Name"
        echo ""
        echo "(--==== EXPLOITDB EXPLOITS"
        echo ""
        /pentest/exploits/exploitdb/searchsploit $VAR1 $VAR2 $VAR3
        echo ""
        echo "(--==== Press any key to search online or Ctrl+C to exit..."
        read test
        firefox 'http://www.exploit-db.com/search/?action=search&filter_page=1&filter_description='$VAR1'&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve=' 2>/dev/null
        firefox 'https://www.google.ca/search?q='$VAR1'+'$VAR2'+'$VAR3'+exploit' 2>/dev/null
        firefox 'http://www.cvedetails.com/product-search.php?vendor_id=0&search='$VAR1'' 2> /dev/null
        firefox 'https://www.google.ca/search?q='$VAR1'+'$VAR2'+'$VAR3'+exploit+site:www.securityfocus.com' 2> /dev/null
        firefox 'https://www.google.ca/search?q='$VAR1'+'$VAR2'+'$VAR3'+site:www.1337day.com' 2> /dev/null
        firefox 'http://www.osvdb.org/search?search[vuln_title]='$VAR1'&search[text_type]=titles' 2> /dev/null
fi

exit

No comments:

Post a Comment