[Perl] Exploit DB Manager 0.6

BigBear · Febrero 13, 2015, 01:48:45 PM

Un simple script en Perl para buscar,leer y descargar exploits en ExploitDB.

Tienen opciones para :

Buscar y listar exploits
Leer exploit con determinado ID
Descargar exploit con determinado ID

Descargar todos los exploits de determinado nombre

Un video con ejemplos de uso :

El codigo :

Código: perl


#!usr/bin/perl
#Exploit DB Manager 0.6
#(C) Doddy Hackman 2015

use LWP::UserAgent;
use Getopt::Long;
use Color::Output;
Color::Output::Init;

my @agents = (
'Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:25.0) Gecko/20100101 Firefox/25.0',
    'Opera/9.80 (Windows NT 6.0) Presto/2.12.388 Version/12.14',
'Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1667.0 Safari/537.36',
'Mozilla/5.0 (compatible; MSIE 10.6; Windows NT 6.1; Trident/5.0; InfoPath.2; SLCC1; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; .NET CLR 2.0.50727) 3gpp-gba UNTRUSTED/1.0',
'Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.8pre) Gecko/20070928 Firefox/2.0.0.7 Navigator/9.0RC1',
    'Mozilla/5.0 (Windows; U; MSIE 9.0; WIndows NT 9.0; en-US))',
'Mozilla/5.0 (Windows NT 6.0; rv:2.0) Gecko/20100101 Firefox/4.0 Opera 12.14',
'Mozilla/5.0 (Windows; U; Windows NT 6.1; tr-TR) AppleWebKit/533.20.25 (KHTML, like Gecko) Version/5.0.4 Safari/533.20.27'
);

my $nave = LWP::UserAgent->new();
$nave->agent( $agents[ rand @agents ] );
$nave->timeout(5);

GetOptions(
    "search=s"       => \$search,
    "page=i"         => \$page,
    "read_exploit=s" => \$read_exploit,
    "download=s"     => \$download,
    "file=s"         => \$file,
    "download_all=s" => \$download_all
);

my $directorio_down = "downloads";

unless ( -d $directorio_down ) {
    mkdir( $directorio_down, "0777" );
    chmod 0777, $directorio_down;
}
chdir($directorio_down);

head();
if ( $search ne "" ) {
    if ( $page eq "" ) {
        by_search( $search, "1" );
    }
    else {
        by_search( $search, $page );
    }
}
elsif ( $read_exploit ne "" ) {
    by_read_exploit($read_exploit);
}
elsif ($download) {

    if ($file) {
        by_download( $download, $file );
    }
    else {
        by_download( $download, "" );
    }

}
elsif ($download_all) {

    if ( $page ne "" ) {
        by_download_all( $download_all, $page );
    }
    else {
        by_download_all( $download_all, "1" );
    }

}
else {
    sintax();
}
copyright();

sub by_download_all {

    my $query = $_[0];
    my $page  = $_[1];

    printear_titulo("\n[+] Searching  ...\n\n");

    my $directorio = $query;
    $directorio =~ s/\.//;
    $directorio =~ s/\=//;

    unless ( -d $directorio ) {
        mkdir( $directorio, "0777" );
        chmod 0777, $directorio;
    }
    chdir($directorio);

    my $code =
      toma( "http://www.exploit-db.com/search/?action=search&filter_page="
          . $page
          . "&filter_description="
          . $query
          . "&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve="
      );

    sleep(6);

    my %links_to_download;
    my @ids        = "";
    my @nombres    = "";
    my @links      = "";
    my @links_down = "";

    while ( $code =~
        /<a href="http:\/\/www.exploit-db.com\/exploits\/(.*?)">(.*?)<\/a>/migs
      )
    {
        my $id   = $1;
        my $name = $2;
        $name =~ s/&lt;//;
        $name =~ s/\<//;
        $name =~ s/(\s)+$//;

        my $link      = "http://www.exploit-db.com/exploits/" . $id;
        my $link_down = "http://www.exploit-db.com/download/" . $id;
        push( @nombres,    $name );
        push( @ids,        $id );
        push( @links,      $link );
        push( @links_down, $link_down );
    }

    printear("[+] Exploits Found : ");
    print int(@links) - 1 . "\n\n";

    for my $num ( 1 .. int(@links) - 1 ) {
        printear("[+] Title : ");
        print $nombres[$num] . "\n";
        printear("[+] Link : ");
        print $links[$num] . "\n";

        my $titulo = $nombres[$num];
        $titulo =~ s/=//ig;
        $titulo =~ s/\///ig;
        $titulo = $titulo . ".txt";
        printear("[+] Downloading ID : ");
        print $ids[$num];
        print "\n";
        sleep(6);

        if ( $nave->mirror( $links_down[$num], $titulo ) ) {
            printear("[+] Status : ");
            print "OK\n\n";
            chmod 0777, $titulo;
        }
        else {
            printear("[+] Status : ");
            print "FAIL\n\n";
        }
    }

    printear_titulo("[+] Finished\n");

}

sub by_download {

    my $id   = $_[0];
    my $file = $_[1];

    printear_titulo("\n[+] Downloading exploit ID : ");
    print $id. "\n";

    if ( $file ne "" ) {

        if (
            $nave->mirror(
                "http://www.exploit-db.com/download/" . $id . "/", $file
            )
          )
        {
            printear( "\n[+] File '" . $file . "' Downloaded !\n" );
            chmod 0777, $file;
        }
        else {
            printear("\n[-] WTF !\n");
        }

    }
    else {
        my $code = toma( "http://www.exploit-db.com/exploits/" . $id . "/" );
        if ( $code =~ /<h1 style="(.*?)">(.*?)<\/h1>/ ) {
            my $titulo       = $2;
            my $exploit_name = $titulo;
            $titulo =~ s/\.//;
            $titulo =~ s/\=//;
            $titulo = $titulo . ".txt";
            sleep(6);
            if (
                $nave->mirror(
                    "http://www.exploit-db.com/download/" . $id . "/", $titulo
                )
              )
            {
                printear( "\n[+] File '" . $exploit_name . "' Downloaded !\n" );
                chmod 0777, $titulo;
            }
            else {
                printear("\n[-] WTF !\n");
            }
        }
    }

}

sub by_read_exploit {

    printear_titulo("\n[+] Searching  ...\n\n");

    my $id     = $_[0];
    my $code   = toma( "http://www.exploit-db.com/exploits/" . $id . "/" );
    my $source = toma( "http://www.exploit-db.com/download/" . $id . "/" );

    if ( $code =~ /<h1 style="(.*?)">(.*?)<\/h1>/ ) {
        my $titulo = $2;

        printear("[+] Title : ");
        print $titulo. "\n";
    }
    else {
        printear("[-] WTF !\n");
    }

    if ( $code =~ /Author: (.*?)</ ) {
        my $autor = $1;

        printear("[+] Author : ");
        print $autor. "\n";
    }
    if ( $code =~ /Published: (.*?)</ ) {
        my $fecha = $1;
        printear("[+] Published : ");
        print $fecha. "\n";
    }

    if ( $code =~ /Vulnerable App: &nbsp;&nbsp; <a href="(.*?)">/ ) {
        my $app = $1;
        printear("[+] Vulnerable App : ");
        print $app. "\n";
    }

    print "\n-------------------------------------\n";
    printear($source);
    print "-------------------------------------\n";

}

sub by_search {

    my $query = $_[0];
    my $page  = $_[1];

    printear_titulo("\n[+] Searching  ...\n\n");

    my $code =
      toma( "http://www.exploit-db.com/search/?action=search&filter_page="
          . $page
          . "&filter_description="
          . $query
          . "&filter_exploit_text=&filter_author=&filter_platform=0&filter_type=0&filter_lang_id=0&filter_port=&filter_osvdb=&filter_cve="
      );

    my @dates   = "";
    my @nombres = "";
    my @tipos   = "";
    my @autores = "";
    my @links   = "";

    while ( $code =~ /<td class="list_explot_date">(.*?)<\/td>/migs ) {
        my $date = $1;
        push( @dates, $date );
    }

    while ( $code =~
        /<a href="http:\/\/www.exploit-db.com\/exploits\/(.*?)">(.*?)<\/a>/migs
      )
    {
        my $id   = $1;
        my $name = $2;
        $name =~ s/&lt;//;
        my $link = "http://www.exploit-db.com/exploits/" . $id;
        push( @nombres, $name );
        push( @links,   $link );
    }

    while ( $code =~
        /<a href="http:\/\/www.exploit-db.com\/platform\/(.*?)">(.*?)<\/a>/migs
      )
    {
        my $type = $2;
        push( @tipos, $type );
    }

    while ( $code =~
/<a href="http:\/\/www.exploit-db.com\/author\/(.*?)" title="(.*?)">/migs
      )
    {
        my $autor = $2;
        push( @autores, $autor );
    }

    printear("[+] Exploits Found : ");
    print int(@links) - 1 . "\n";

    for my $num ( 1 .. int(@links) - 1 ) {
        printear("\n[+] Title : ");
        print $nombres[$num] . "\n";
        printear("[+] Date : ");
        print $dates[$num] . "\n";
        printear("[+] Type : ");
        print $tipos[$num] . "\n";
        printear("[+] Author : ");
        print $autores[$num] . "\n";
        printear("[+] Link : ");
        print $links[$num] . "\n";
    }

}

sub printear {
    cprint( "\x036" . $_[0] . "\x030" );
}

sub printear_logo {
    cprint( "\x037" . $_[0] . "\x030" );
}

sub printear_titulo {
    cprint( "\x0310" . $_[0] . "\x030" );
}

sub sintax {
    printear("\n[+] Sintax : ");
    print "perl $0 <option> <value>\n";
    printear("\n[+] Options : \n\n");
    print "-search <query> -page <count> : Search exploits in page\n";
    print "-read_exploit <id exploit> : Read exploit\n";
    print "-download <id exploit> : Download an exploit\n";
    print "-download_all <query> -page <count> : Download all exploits\n";
    printear("\n[+] Example : ");
    print "perl exploitdb.pl -search smf -page 1\n";
    copyright();
}

sub head {
    printear_logo("\n-- == Exploit DB Manager 0.6 == --\n\n");
}

sub copyright {
    printear_logo("\n\n-- == (C) Doddy Hackman 2015 == --\n\n");
    exit(1);
}

sub toma {
    return $nave->get( $_[0] )->content;
}

#The End ?

Si quieren bajar el programa lo pueden hacer de aca :

You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login.
You are not allowed to view links. You are not allowed to view links. Register or Login or You are not allowed to view links. Register or Login.

[Perl] Exploit DB Manager 0.6

BigBear

Febrero 13, 2015, 01:48:45 PM