FEATURE REQUEST Allow to search searchsploit by CVE #

[ghost-ng]

As the title say, allow exploit searching by cve # in searchsploit.

[FalcoGer]

I would like this, too. Many tools report possible CVEs and not being able to look for exploits by CVE is really hindering.

[hideout]

good point...

would love it too nice Feature Request!

Am Mi., 29. Dez. 2021 um 13:47 Uhr schrieb FalcoGer < @.***>:

I would like this, too. Many tools report possible CVEs and not being able to look for exploits by CVE is really hindering.

— Reply to this email directly, view it on GitHub https://github.com/offensive-security/exploitdb/issues/209#issuecomment-1002578026, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAEMNDOPXWFY2EPDQFUQLYTUTL7OXANCNFSM5GSNOFCQ . Triage notifications on the go with GitHub Mobile for iOS https://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Android https://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

You are receiving this because you are subscribed to this thread.Message ID: @.***>

[FalcoGer]

if it helps there is https://github.com/andreafioraldi/cve_searchsploit, but it would be great to have it built in. Especially since that tool also downloads the entire exploitdb repository (again) anyway. Anyhow, the code generates a mapping between EDBIDs and CVEs, which may be reused.

[ghost-ng]

yea if I remember correctly, this one of my reasons to create this request (I also dont want to redownload the entire exploitdb database)...additionally, this functionality should be integrated into searchsploit anyways without requiring additional 3rd party tools.

[FalcoGer]

you can delete the exploitdb directory the cve_searchsploit script uses and make a softlink to /opt/exploit-database/ in it's place. you may need to mess with permissions in /opt/ though.

[Alexell]

I join. Need to search by CVE.

P.S. cve_searchsploit does not work for me (ERROR - CVE not found)

[planetbridging]

I've already built this feature where it shows the exploits along side the cve and it's online mostly http://pressback.space/security/.

I'm making an open source version which Auto downloads everything it needs, produces reports and shows exploits as well then eventually run them.

On Fri, 22 Apr 2022, 9:10 pm Alexell, @.***> wrote:

I join. Need to search by CVE.

P.S. cve_searchsploit does not work for me (ERROR - CVE not found)

— Reply to this email directly, view it on GitHub https://github.com/offensive-security/exploitdb/issues/209#issuecomment-1106407480, or unsubscribe https://github.com/notifications/unsubscribe-auth/ALHSQ46B5BNPBBMJHHOBB4TVGKCJFANCNFSM5GSNOFCQ . You are receiving this because you are subscribed to this thread.Message ID: @.***>

[Alexell]

@planetbridging your site searches the same database, which is already outdated and does not find new CVEs.

[planetbridging]

That's why I'm rebuilding it to automatic update.

Most cve's in kali repo will be out of date there not gonna put zero days on there and if you have another place to search exploits other then searchsploit because it's only got like 20k I'm all ears.

On Sun, Apr 24, 2022 at 12:46 AM Alexell @.***> wrote:

@planetbridging https://github.com/planetbridging your site searches the same database, which is already outdated and does not find new CVEs.

— Reply to this email directly, view it on GitHub https://github.com/offensive-security/exploitdb/issues/209#issuecomment-1107514779, or unsubscribe https://github.com/notifications/unsubscribe-auth/ALHSQ43PVSFDUGFMBGE2M2TVGQENDANCNFSM5GSNOFCQ . You are receiving this because you were mentioned.Message ID: @.***>

[offensive-security]

Sorry for the delay. We can now say this is possible with our 2022 update: https://www.offensive-security.com/offsec/exploit-db-2022-update/

You should be able to get updates now from: https://gitlab.com/exploit-database/exploitdb