-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathexploitSearchAllWebs.py
More file actions
108 lines (95 loc) · 4.35 KB
/
exploitSearchAllWebs.py
File metadata and controls
108 lines (95 loc) · 4.35 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
#!/usr/bin/python
#-*-coding:utf-8-*-
#- exploit-finder Class
#- Copyright (C) 2015 GoldraK & Roger Serentill
# This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version.
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty
# of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.
# You should have received a copy of the GNU General Public License along with this program. If not, see <http://www.gnu.org/licenses/>
"""Exploit finder"""
__author__ = "GoldraK & Roger Serentill & Carlos A. Molina"
__credits__ = "GoldraK & Roger Serentill & Carlos A. Molina"
__version__ = "0.1.1"
__maintainer__ = "GoldraK & Roger Serentill & Carlos A. Molina"
__email__ = "goldrak@gmail.com, hello@rogerserentill.com, carlosantmolina@gmail.com"
__status__ = "Development"
from teco import color, style
from checkPossibilities import CheckPossibilities
from exploitSearchDB import ExploitSearchExploitDB
from workWithBlackListWords import WorkWithBlackListWords
import sys
sys.path.append('exploits')
class ExploitSearchAllWebs():
def __init__(self):
self.save_path = 'modules/exploit-finder/exploits' # where save files
ckP = CheckPossibilities()
possibilities = ckP.checkAllPossibilities() # dictionary
if possibilities['0today'] == True:
from exploitSearch0today import ExploitSearch0today
self.exploit0today = ExploitSearch0today()
self.exploitDB = ExploitSearchExploitDB()
self.fw = WorkWithBlackListWords()
def ask4updateExploitDB(self):
print ('Would you like to update exploit-db database before [y/n]?')
updateDB = ''
while updateDB == '':
updateDB = raw_input(">> ")
if updateDB == 'y':
return 1
elif updateDB == 'n':
return 0
else:
updateDB = ''
def askExploitID(self, exploitsIDdb_list, exploitsID0today_list=[]):
websWithExploit =[]
if exploitsID0today_list == -1:
exploitsID0today_list = []
download_exploit_id = ""
while download_exploit_id == "":
download_exploit_id = raw_input("Type exploit's ID: ")
if download_exploit_id not in exploitsIDdb_list and download_exploit_id not in exploitsID0today_list:
print color('rojo', '\nInvalid Exploit ID\n')
download_exploit_id = ""
if download_exploit_id in exploitsIDdb_list:
websWithExploit.append('db')
if exploitsID0today_list != []:
if download_exploit_id in exploitsID0today_list:
websWithExploit.append('0today')
if 'db' in websWithExploit and '0today' in websWithExploit:
print color('rojo', 'Same ID in both webs. Please, download it using only one web')
download_exploit_id = -1
websWithExploit = [-1]
return download_exploit_id, websWithExploit
def searchDownload(self,newSearch,possibilities):
exploitsID0today_list = []
print "Searching '" + newSearch + "'"
exploitsIDdb_list = self.exploitDB.searchExploit(newSearch)
if possibilities['0today'] == True:
br, contents, exploitsInfo, newSearch, exploitsID0today_list = self.exploit0today.exploit0toadySearch(newSearch)
if exploitsIDdb_list != [] or exploitsID0today_list != -1:
if self.exploitDB.askDownloadExploit() == 'y':
download_exploit_id, webWithExploit = self.askExploitID(exploitsIDdb_list, exploitsID0today_list)
if 'db' in webWithExploit:
self.exploitDB.downloadStart(download_exploit_id)
elif '0today' in webWithExploit:
self.exploit0today.downloadStart(br, download_exploit_id)
return exploitsIDdb_list, exploitsID0today_list
def searchAgain(self, newSearch, possibilities):
option = ''
while option != '0':
option = self.fw.askMenu()
if option == '1':
newSearch = self.exploitDB.ask4exploit()
elif option == '2':
newSearch = self.fw.deleteWords2Search(newSearch)
if option != '0':
self.searchDownload(newSearch, possibilities)
option = '0'
def askSearchDownload(self, portInfo=None, possibilities=None):
if self.ask4updateExploitDB() == 1:
self.exploitDB.update_database()
newSearch = self.exploitDB.ask4exploit(portInfo)
exploitsIDdb_list, exploitsID0today_list = self.searchDownload(newSearch,possibilities)
if exploitsIDdb_list == [] and exploitsID0today_list == -1:
self.searchAgain(newSearch,possibilities)