Command line search and download tool for Vulners Database inspired by searchsploit.
Project description
getsploit
Description
Inspired by searchsploit, it combines two features: command line search and download tool. It allows you to search online for the exploits across all the most popular collections: Exploit-DB, Metasploit, Packetstorm and others. The most powerful feature is immediate exploit source download right in your working path.
Python version
Utility was tested on python3.10+ with SQLite FTS4 support. If you have found any bugs, don't hesitate to create an issue
How to use
Install: pip install getsploit
Obtain Vulners API key
Please, register at Vulners website. Go to the personal menu by clicking on your name in the right top corner. Follow "API KEYS" tab. Generate API key with scope "api" and use it with the getsploit.
Search
# pip install getsploit
# getsploit wordpress 4.7.0
Total found exploits: 8
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit%20AND%20wordpress%204.7.0
+----------------------+--------------------------------+----------------------------------------------------+
| ID | Exploit Title | URL |
+======================+================================+====================================================+
| PACKETSTORM:141039 | WordPress 4.7.0 / 4.7.1 Insert | https://vulners.com/packetstorm/PACKETSTORM:141039 |
| | PHP Code Injection | |
+----------------------+--------------------------------+----------------------------------------------------+
| EDB-ID:41308 | WordPress 4.7.0/4.7.1 Plugin | https://vulners.com/exploitdb/EDB-ID:41308 |
| | Insert PHP - PHP Code | |
| | Injection | |
+----------------------+--------------------------------+----------------------------------------------------+
| EDB-ID:41223 | WordPress 4.7.0/4.7.1 - | https://vulners.com/exploitdb/EDB-ID:41223 |
| | Unauthenticated Content | |
| | Injection (PoC) | |
+----------------------+--------------------------------+----------------------------------------------------+
| PACKETSTORM:140893 | WordPress 4.7.0 / 4.7.1 REST | https://vulners.com/packetstorm/PACKETSTORM:140893 |
| | API Privilege Escalation | |
+----------------------+--------------------------------+----------------------------------------------------+
| PACKETSTORM:140902 | WordPress 4.7.0 / 4.7.1 | https://vulners.com/packetstorm/PACKETSTORM:140902 |
| | Content Injection / Code | |
| | Execution | |
+----------------------+--------------------------------+----------------------------------------------------+
| PACKETSTORM:140901 | WordPress 4.7.0 / 4.7.1 | https://vulners.com/packetstorm/PACKETSTORM:140901 |
| | Content Injection Proof Of | |
| | Concept | |
+----------------------+--------------------------------+----------------------------------------------------+
| EDB-ID:41224 | WordPress 4.7.0/4.7.1 - | https://vulners.com/exploitdb/EDB-ID:41224 |
| | Unauthenticated Content | |
| | Injection Arbitrary Code | |
| | Execution | |
+----------------------+--------------------------------+----------------------------------------------------+
| SSV-92637 | WordPress REST API content | https://vulners.com/seebug/SSV-92637 |
| | injection | |
+----------------------+--------------------------------+----------------------------------------------------+
Save exploit files
# getsploit -m wordpress 4.7.0
Total found exploits: 8
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit%20AND%20wordpress%204.7.0
+----------------------+--------------------------------+----------------------------------------------------+
| ID | Exploit Title | URL |
+======================+================================+====================================================+
| PACKETSTORM:141039 | WordPress 4.7.0 / 4.7.1 Insert | https://vulners.com/packetstorm/PACKETSTORM:141039 |
| | PHP Code Injection | |
+----------------------+--------------------------------+----------------------------------------------------+
| EDB-ID:41308 | WordPress 4.7.0/4.7.1 Plugin | https://vulners.com/exploitdb/EDB-ID:41308 |
| | Insert PHP - PHP Code | |
| | Injection | |
+----------------------+--------------------------------+----------------------------------------------------+
| EDB-ID:41223 | WordPress 4.7.0/4.7.1 - | https://vulners.com/exploitdb/EDB-ID:41223 |
| | Unauthenticated Content | |
| | Injection (PoC) | |
+----------------------+--------------------------------+----------------------------------------------------+
| PACKETSTORM:140893 | WordPress 4.7.0 / 4.7.1 REST | https://vulners.com/packetstorm/PACKETSTORM:140893 |
| | API Privilege Escalation | |
+----------------------+--------------------------------+----------------------------------------------------+
| PACKETSTORM:140902 | WordPress 4.7.0 / 4.7.1 | https://vulners.com/packetstorm/PACKETSTORM:140902 |
| | Content Injection / Code | |
| | Execution | |
+----------------------+--------------------------------+----------------------------------------------------+
| PACKETSTORM:140901 | WordPress 4.7.0 / 4.7.1 | https://vulners.com/packetstorm/PACKETSTORM:140901 |
| | Content Injection Proof Of | |
| | Concept | |
+----------------------+--------------------------------+----------------------------------------------------+
| EDB-ID:41224 | WordPress 4.7.0/4.7.1 - | https://vulners.com/exploitdb/EDB-ID:41224 |
| | Unauthenticated Content | |
| | Injection Arbitrary Code | |
| | Execution | |
+----------------------+--------------------------------+----------------------------------------------------+
| SSV-92637 | WordPress REST API content | https://vulners.com/seebug/SSV-92637 |
| | injection | |
+----------------------+--------------------------------+----------------------------------------------------+
# ls
LICENSE README.md getsploit.py wordpress-470
# cd wordpress-470
# ls
edb-id41223.txt edb-id41224.txt edb-id41308.txt packetstorm140893.txt packetstorm140901.txt packetstorm140902.txt packetstorm141039.txt ssv-92637.txt
Local database
If your Python supports sqlite3 lib(builtin) you can use --update and --local commands to download whole exploit database to your PC. After update you can perform local offline searches.
# getsploit --update
Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.
219642496/219642496 [100.00%]
Unpacking database.
Database download complete. Now you may search exploits using --local key './getsploit.py -l wordpress 4.7'
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
getsploit-2.0.2.tar.gz
(17.0 kB
view details)
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
getsploit-2.0.2-py3-none-any.whl
(17.7 kB
view details)
File details
Details for the file getsploit-2.0.2.tar.gz.
File metadata
- Download URL: getsploit-2.0.2.tar.gz
- Upload date:
- Size: 17.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/2.1.3 CPython/3.11.5 Darwin/24.1.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
17f5fd88118775b4b2d96e6d585436d7cd17435a9bb636e8eb1a16c1515bab97
|
|
| MD5 |
ff0349d87524e8682ca33e4b176c06d2
|
|
| BLAKE2b-256 |
2c535eaf6d723f7eb9252a095edaa504ce9b14899fae5b3f5bbc0860875f828c
|
File details
Details for the file getsploit-2.0.2-py3-none-any.whl.
File metadata
- Download URL: getsploit-2.0.2-py3-none-any.whl
- Upload date:
- Size: 17.7 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/2.1.3 CPython/3.11.5 Darwin/24.1.0
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9d3775f943ba303a5fcb53d9415391736e395d371960cb4947d5257e051a411d
|
|
| MD5 |
88c13a4ddef2b936b98cd513d4f48fbb
|
|
| BLAKE2b-256 |
004c5a3401e9e38e25d44e1edf828d78f3fefe9c12f1f86083fe684a5deb8ca3
|
