vulsio / go-exploitdb

Tool for searching Exploits from Exploit Databases, etc.
MIT License

feat(exploitdb): add the information of exploitdb-papers #52

Closed MaineK00n closed 3 years ago

MaineK00n commented 3 years ago

What did you implement:

The current fetch exploitdb inserts Exploits and Shellcodes information from offensive-security/exploitdb.

In this PR, I would like to add information about offensive-security/exploitdb-papers to fetch exploitdb. exploitdb-papers contains information about papers and so on.

Type of change

How Has This Been Tested?

Search by CVE-ID

// PR
$ go-exploitdb search --type CVE --param CVE-2012-6613

Results: 
---------------------------------------

[*]CVE-ExploitID Reference:
  CVE: CVE-2012-6613
  Exploit Type: OffensiveSecurity
  Exploit Unique ID: 22930
  URL: https://www.exploit-db.com/exploits/22930
  Description: D-Link DSR-250N Persistent Root Access

[*]Exploit Detail Info: 
  [*]OffensiveSecurity: 
  - Paper:
    https://github.com/offensive-security/exploitdb-papers/blob/master/papers/english/22930-d-link-dsr-250n-persistent-root-access.txt
---------------------------------------

// upstream/master
$ go-exploitdb search --type CVE --param CVE-2012-6613

Results: 
---------------------------------------
No Record Found

Search by ExploitUniqueID

$ go-exploitdb search --type ID --param 30061

Results: 
---------------------------------------

[*]CVE-ExploitID Reference:
  CVE: CVE-2013-5946
  Exploit Type: OffensiveSecurity
  Exploit Unique ID: 30061
  URL: https://www.exploit-db.com/exploits/30061
  Description: Zine: D-Link DSR Router Series - Remote Command Execution

[*]Exploit Detail Info: 
  [*]OffensiveSecurity: 
  - Paper:
    https://github.com/offensive-security/exploitdb-papers/blob/master/papers/english/30061-zine-d-link-dsr-router-series---remote-command-execution.txt
---------------------------------------

[*]CVE-ExploitID Reference:
  CVE: CVE-2013-7004
  Exploit Type: OffensiveSecurity
  Exploit Unique ID: 30061
  URL: https://www.exploit-db.com/exploits/30061
  Description: Zine: D-Link DSR Router Series - Remote Command Execution

[*]Exploit Detail Info: 
  [*]OffensiveSecurity: 
  - Paper:
    https://github.com/offensive-security/exploitdb-papers/blob/master/papers/english/30061-zine-d-link-dsr-router-series---remote-command-execution.txt
---------------------------------------

[*]CVE-ExploitID Reference:
  CVE: CVE-2013-7005
  Exploit Type: OffensiveSecurity
  Exploit Unique ID: 30061
  URL: https://www.exploit-db.com/exploits/30061
  Description: Zine: D-Link DSR Router Series - Remote Command Execution

[*]Exploit Detail Info: 
  [*]OffensiveSecurity: 
  - Paper:
    https://github.com/offensive-security/exploitdb-papers/blob/master/papers/english/30061-zine-d-link-dsr-router-series---remote-command-execution.txt
---------------------------------------

Query modification

The offensive_security_id used in WHERE when searching for documents, shell_codes, (papers) has been changed to use the correct one. The upstream/master only uses offensive_securities.id:7449. The query should use both 7449 and 7500. It has been fixed as such.

sqlite> SELECT id FROM "exploits"  WHERE ("exploits"."exploit_unique_id" = '6560');
id
7449
7450
sqlite> SELECT * FROM "offensive_securities"  WHERE ("offensive_securities"."exploit_unique_id" = '6560');
id|exploit_id|exploit_unique_id
7449|7449|6560
7450|7450|6560

// PR
$ go-exploitdb search --type ID --param 6560 --debug-sql

(/home/mainek00n/github/github.com/MaineK00n/go-exploitdb/db/rdb.go:53) 
[2021-06-28 12:38:47]  [0.05ms]  PRAGMA foreign_keys = ON  
[0 rows affected or returned ] 

(/home/mainek00n/github/github.com/MaineK00n/go-exploitdb/db/rdb.go:181) 
[2021-06-28 12:38:47]  [8.18ms]  SELECT * FROM "exploits"  WHERE ("exploits"."exploit_unique_id" = '6560')  
[2 rows affected or returned ] 

(/home/mainek00n/github/github.com/MaineK00n/go-exploitdb/db/rdb.go:186) 
[2021-06-28 12:38:47]  [0.70ms]  SELECT * FROM "offensive_securities"  WHERE ("offensive_securities"."exploit_id" = 7449) ORDER BY "offensive_securities"."id" ASC LIMIT 1  
[1 rows affected or returned ] 

(/home/mainek00n/github/github.com/MaineK00n/go-exploitdb/db/rdb.go:186) 
[2021-06-28 12:38:47]  [6.43ms]  SELECT * FROM "documents"  WHERE ("offensive_security_id" IN (7449)) ORDER BY "documents"."id" ASC  
[0 rows affected or returned ] 

(/home/mainek00n/github/github.com/MaineK00n/go-exploitdb/db/rdb.go:186) 
[2021-06-28 12:38:47]  [0.24ms]  SELECT * FROM "shell_codes"  WHERE ("offensive_security_id" IN (7449)) ORDER BY "shell_codes"."id" ASC  
[0 rows affected or returned ] 

(/home/mainek00n/github/github.com/MaineK00n/go-exploitdb/db/rdb.go:186) 
[2021-06-28 12:38:47]  [0.30ms]  SELECT * FROM "papers"  WHERE ("offensive_security_id" IN (7449)) ORDER BY "papers"."id" ASC  
[0 rows affected or returned ] 

(/home/mainek00n/github/github.com/MaineK00n/go-exploitdb/db/rdb.go:186) 
[2021-06-28 12:38:47]  [0.38ms]  SELECT * FROM "offensive_securities"  WHERE ("offensive_securities"."exploit_id" = 7450) ORDER BY "offensive_securities"."id" ASC LIMIT 1  
[1 rows affected or returned ] 

(/home/mainek00n/github/github.com/MaineK00n/go-exploitdb/db/rdb.go:186) 
[2021-06-28 12:38:47]  [9.16ms]  SELECT * FROM "documents"  WHERE ("offensive_security_id" IN (7450)) ORDER BY "documents"."id" ASC  
[1 rows affected or returned ] 

(/home/mainek00n/github/github.com/MaineK00n/go-exploitdb/db/rdb.go:186) 
[2021-06-28 12:38:47]  [0.36ms]  SELECT * FROM "shell_codes"  WHERE ("offensive_security_id" IN (7450)) ORDER BY "shell_codes"."id" ASC  
[0 rows affected or returned ] 

(/home/mainek00n/github/github.com/MaineK00n/go-exploitdb/db/rdb.go:186) 
[2021-06-28 12:38:47]  [0.44ms]  SELECT * FROM "papers"  WHERE ("offensive_security_id" IN (7450)) ORDER BY "papers"."id" ASC  
[0 rows affected or returned ]

// upstream/master
$ go-exploitdb search --type ID --param 6560 --debug-sql

(/home/mainek00n/go/src/github.com/mozqnet/go-exploitdb/db/rdb.go:54) 
[2021-06-28 12:37:43]  [0.06ms]  PRAGMA foreign_keys = ON  
[0 rows affected or returned ] 

(/home/mainek00n/go/src/github.com/mozqnet/go-exploitdb/db/rdb.go:152) 
[2021-06-28 12:37:43]  [8.77ms]  SELECT * FROM "exploits"  WHERE ("exploits"."exploit_unique_id" = '6560')  
[2 rows affected or returned ] 

(/home/mainek00n/go/src/github.com/mozqnet/go-exploitdb/db/rdb.go:157) 
[2021-06-28 12:37:43]  [0.19ms]  SELECT * FROM "offensive_securities"  WHERE ("offensive_securities"."exploit_unique_id" = '6560') ORDER BY "offensive_securities"."id" ASC LIMIT 1  
[1 rows affected or returned ] 

(/home/mainek00n/go/src/github.com/mozqnet/go-exploitdb/db/rdb.go:157) 
[2021-06-28 12:37:43]  [5.25ms]  SELECT * FROM "documents"  WHERE ("offensive_security_id" IN (7449))  
[0 rows affected or returned ] 

(/home/mainek00n/go/src/github.com/mozqnet/go-exploitdb/db/rdb.go:157) 
[2021-06-28 12:37:43]  [0.32ms]  SELECT * FROM "shell_codes"  WHERE ("offensive_security_id" IN (7449))  
[0 rows affected or returned ] 

(/home/mainek00n/go/src/github.com/mozqnet/go-exploitdb/db/rdb.go:157) 
[2021-06-28 12:37:43]  [0.15ms]  SELECT * FROM "offensive_securities"  WHERE ("offensive_securities"."exploit_unique_id" = '6560') ORDER BY "offensive_securities"."id" ASC LIMIT 1  
[1 rows affected or returned ] 

(/home/mainek00n/go/src/github.com/mozqnet/go-exploitdb/db/rdb.go:157) 
[2021-06-28 12:37:43]  [6.34ms]  SELECT * FROM "documents"  WHERE ("offensive_security_id" IN (7449))  
[0 rows affected or returned ] 

(/home/mainek00n/go/src/github.com/mozqnet/go-exploitdb/db/rdb.go:157) 
[2021-06-28 12:37:43]  [0.33ms]  SELECT * FROM "shell_codes"  WHERE ("offensive_security_id" IN (7449))  
[0 rows affected or returned ]

Checklist:

You don't have to satisfy all of the following.

Is this ready for review?: YES

Reference
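
The lookup difference described under "Query modification", reproduced as an added example (not code from the PR or from go-exploitdb). It uses an in-memory SQLite fixture built from the ids shown in the sqlite session and debug log above. The table columns are limited to those visible on the page, and the `documents` row id and the function names are assumptions.

```python
import sqlite3

# Constructed fixture: only the columns and ids visible in the PR's sqlite
# session and debug log; the documents row's own id (1) is a placeholder.
SCHEMA = """
CREATE TABLE exploits (id INTEGER PRIMARY KEY, exploit_unique_id TEXT);
CREATE TABLE offensive_securities (
    id INTEGER PRIMARY KEY, exploit_id INTEGER, exploit_unique_id TEXT);
CREATE TABLE documents (id INTEGER PRIMARY KEY, offensive_security_id INTEGER);
INSERT INTO exploits VALUES (7449, '6560'), (7450, '6560');
INSERT INTO offensive_securities VALUES (7449, 7449, '6560'), (7450, 7450, '6560');
INSERT INTO documents VALUES (1, 7450);
"""

def build_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db

def documents_by_exploit(db, unique_id, lookup_column):
    """Map each exploits.id for unique_id to the documents.id rows it reaches."""
    # Column names cannot be bound as parameters, so allow-list them.
    if lookup_column not in ("exploit_unique_id", "exploit_id"):
        raise ValueError(f"unexpected lookup column: {lookup_column}")
    exploit_ids = [r[0] for r in db.execute(
        "SELECT id FROM exploits WHERE exploit_unique_id = ? ORDER BY id",
        (unique_id,))]
    reached = {}
    for exploit_id in exploit_ids:
        # upstream/master keyed on the shared unique id; the PR keys on exploits.id
        key = unique_id if lookup_column == "exploit_unique_id" else exploit_id
        parent = db.execute(
            f"SELECT id FROM offensive_securities WHERE {lookup_column} = ? "
            "ORDER BY id ASC LIMIT 1", (key,)).fetchone()
        docs = db.execute(
            "SELECT id FROM documents WHERE offensive_security_id = ? "
            "ORDER BY id ASC", (parent[0],)).fetchall() if parent else []
        reached[exploit_id] = [d[0] for d in docs]
    return reached

if __name__ == "__main__":
    db = build_db()
    print("upstream/master:", documents_by_exploit(db, "6560", "exploit_unique_id"))
    print("PR:             ", documents_by_exploit(db, "6560", "exploit_id"))
```

With the non-unique `exploit_unique_id` as the key, `LIMIT 1` resolves both exploit rows to parent 7449, so the document attached to 7450 is never returned.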