def CVEFound(equalize_parser, description, detect_cve_name, check):
n = 0
equalizer = ""
del equalize_parser[0]
header = {
"User-Agent":
"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.75 Safari/537.36",
"X-Requested-With": "XMLHttpRequest"
}
try:
if len(description) < 50:
for i in range(0, len(description)):
detect_edb = re.search('"(.*?)"', str(
description[i])).group(0).strip('""')
sock_edb = urllib.request.urlopen(exploit_db + "raw/" +
detect_edb)
payload = sock_edb.read()
sock_edb.close()
info.GuessLang(str(payload))
equalizer = equalize_parser[i].find(detect_cve_name[n])
if payload != "":
if equalizer != -1:
print(bcolors.RED + bcolors.BOLD + "CVE-" +
bcolors.ENDC + bcolors.ENDC +
detect_cve_name[n] + " : " + description[i] +
info.findlang)
info.IsCheck(description, i, check)
n += 1
if n == len(detect_cve_name):
break
else:
print(bcolors.RED + bcolors.BOLD + "CVE-NONE" +
bcolors.ENDC + bcolors.ENDC + " : " +
description[i] + info.findlang)
info.IsCheck(description, i, check)
else:
if equalizer != -1:
print(bcolors.RED + bcolors.BOLD + "CVE-" +
bcolors.ENDC + bcolors.ENDC +
detect_cve_name[n] + " : " + description[i])
info.IsCheck(description, i, check)
n += 1
if n == len(detect_cve_name):
break
else:
print(bcolors.RED + bcolors.BOLD + "CVE-NONE" +
bcolors.ENDC + bcolors.ENDC + " : " +
description[i])
info.IsCheck(description, i, check)
else:
print(infos.ERROR + "Too many results, be more specific !")
except:
print("")
print(infos.ERROR + "Be careful, maybe not all CVEs are displayed.")
pass
def SearchExploit(software, check):
if software == None:
pass
else:
print("\n" + infos.PROCESS + "SEARCHING...")
header = {"User-Agent": "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.75 Safari/537.36","X-Requested-With": "XMLHttpRequest"}
url = exploit_db + "search?q=" + software
print(infos.INFO + "SEARCHING FOR : " + url)
sock_find = requests.get(url, headers = header)
findme = BeautifulSoup(sock_find.text, 'html.parser')
try:
detect_cve_name = re.findall('\"cve\"\,\"code\"\:\"(.*?)\"', str(findme), re.DOTALL)
description = re.findall('description\"\:(.*?)\,\"type_id', str(findme), re.DOTALL)
equalize_parser = str(findme).split('description')
if detect_cve_name == [] and description == []:
print("\n" + infos.GOOD + "No CVE found for this software version !")
print("")
else:
print(infos.GOOD + "EXPLOITS FOUND : " + "\n")
if description == [] and detect_cve_name != []:
for i in range(0, len(detect_cve_name)):
print(bcolors.RED + bcolors.BOLD + "CVE-" + bcolors.ENDC + bcolors.ENDC + detect_cve_name[i] + " : " + "No description found.")
info.IsCheck(detect_cve_name, i, check)
print("")
else:
CVEFound(equalize_parser, description, detect_cve_name, check)
print("")
except RuntimeError:
print(infos.ERROR + "Too many results, be more specific !\n")
except:
print(infos.ERROR + "Error during the detection !\n")
def DetectCVE(site, detect, check):
if site == "exploit_db":
if detect == None:
pass
else:
print("\n" + infos.PROCESS + "DETECTING...")
os_uname = os.uname()
os_concat = os_uname[0] + ' ' + os_uname[2]
os_version_number = re.search('(.*?)-', os_concat).group(1)
print(infos.GOOD + "KERNEL FOUND : " + os_version_number)
header = {
"User-Agent":
"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.75 Safari/537.36",
"X-Requested-With": "XMLHttpRequest"
}
url = exploit_db + "search?text=" + os_version_number
print(infos.INFO + "SEARCHING FOR : " + url)
sock_detect = requests.get(url, headers=header)
findme = BeautifulSoup(sock_detect.text, 'html.parser')
equalize_parser = str(findme).split('description')
try:
detect_cve_name = []
description = re.findall('description\"\:(.*?)\,\"type_id',
str(findme), re.DOTALL)
for z in description:
detect_cve_name.append("None")
if detect_cve_name == [] and description == []:
print(infos.GOOD +
"This machine does not seams vulnerable !")
print("")
else:
print(infos.GOOD + "POSSIBLE EXPLOITS : " + "\n")
if description == [] and detect_cve_name != []:
for i in range(0, len(detect_cve_name)):
print(bcolors.RED + bcolors.BOLD + "CVE-" +
bcolors.ENDC + bcolors.ENDC +
detect_cve_name[i] + " : " +
"No description found.")
info.IsCheck(detect_cve_name, i, check)
print("")
else:
CVEFound(equalize_parser, description, detect_cve_name,
check)
print("")
except RuntimeError:
print(infos.ERROR + "Too many results, be more specific !\n")
except:
print(infos.ERROR + "Error during the detection !\n")
def CVEFound(detect_edb, description, detect_cve_name, verified, check):
sock_edb = urllib.request.urlopen(exploit_db + "raw/" + detect_edb)
payload = sock_edb.read()
sock_edb.close()
info.GuessLang(str(payload))
if payload != "":
if description == None and detect_cve_name != None:
print(bcolors.RED + bcolors.BOLD + "CVE-" + bcolors.ENDC + bcolors.ENDC + detect_cve_name + " : " + "No description found.")
else:
print(bcolors.RED + bcolors.BOLD + "CVE-" + bcolors.ENDC + bcolors.ENDC + detect_cve_name + " : " + str(description) + info.findlang)
info.IsCheck(verified, check)
