-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathExploit.py
More file actions
67 lines (59 loc) · 4.28 KB
/
Exploit.py
File metadata and controls
67 lines (59 loc) · 4.28 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
import requests
from bs4 import BeautifulSoup
from main import headers
# These two function below send request to the endpoint to retrieve data from Exploit DB
def check_exploit_db(cve_id):
url = f"https://www.exploit-db.com/search?cve={cve_id}&draw=1&columns%5B0%5D%5Bdata%5D=date_published&columns%5B0" \
f"%5D%5Bname%5D=date_published&columns%5B0%5D%5Bsearchable%5D=true&columns%5B0%5D%5Borderable%5D=true" \
f"&columns%5B0%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B0%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B1%5D%5Bdata" \
f"%5D=download&columns%5B1%5D%5Bname%5D=download&columns%5B1%5D%5Bsearchable%5D=false&columns%5B1%5D" \
f"%5Borderable%5D=false&columns%5B1%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B1%5D%5Bsearch%5D%5Bregex%5D=false" \
f"&columns%5B2%5D%5Bdata%5D=application_md5&columns%5B2%5D%5Bname%5D=application_md5&columns%5B2%5D" \
f"%5Bsearchable%5D=true&columns%5B2%5D%5Borderable%5D=false&columns%5B2%5D%5Bsearch%5D%5Bvalue%5D=&columns" \
f"%5B2%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B3%5D%5Bdata%5D=verified&columns%5B3%5D%5Bname%5D=verified" \
f"&columns%5B3%5D%5Bsearchable%5D=true&columns%5B3%5D%5Borderable%5D=false&columns%5B3%5D%5Bsearch%5D" \
f"%5Bvalue%5D=&columns%5B3%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B4%5D%5Bdata%5D=description&columns%5B4" \
f"%5D%5Bname%5D=description&columns%5B4%5D%5Bsearchable%5D=true&columns%5B4%5D%5Borderable%5D=false&columns" \
f"%5B4%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B4%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B5%5D%5Bdata%5D" \
f"=type_id&columns%5B5%5D%5Bname%5D=type_id&columns%5B5%5D%5Bsearchable%5D=true&columns%5B5%5D%5Borderable" \
f"%5D=false&columns%5B5%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B5%5D%5Bsearch%5D%5Bregex%5D=false&columns%5B6" \
f"%5D%5Bdata%5D=platform_id&columns%5B6%5D%5Bname%5D=platform_id&columns%5B6%5D%5Bsearchable%5D=true" \
f"&columns%5B6%5D%5Borderable%5D=false&columns%5B6%5D%5Bsearch%5D%5Bvalue%5D=&columns%5B6%5D%5Bsearch%5D" \
f"%5Bregex%5D=false&columns%5B7%5D%5Bdata%5D=author_id&columns%5B7%5D%5Bname%5D=author_id&columns%5B7%5D" \
f"%5Bsearchable%5D=false&columns%5B7%5D%5Borderable%5D=false&columns%5B7%5D%5Bsearch%5D%5Bvalue%5D=&columns" \
f"%5B7%5D%5Bsearch%5D%5Bregex%5D=false&order%5B0%5D%5Bcolumn%5D=0&order%5B0%5D%5Bdir%5D=desc&start=0&length" \
f"=15&search%5Bvalue%5D=&search%5Bregex%5D=false "
header = {
"authority": "www.exploit-db.com",
"accept": "application/json, text/javascript, */*; q=0.01",
"accept-language": "en-US,en;q=0.8",
"cookie": "XSRF-TOKEN"
"=eyJpdiI6IlJBT0RrMGlXZ0ZwOGpaT05wOWZpdUE9PSIsInZhbHVlIjoiRXVEVHcrSmdTWldBMHJlTTJhZ04zMjJOOGFvVUNKYUM4NytvQlhDRFc2eE5kb2hcL2Q5bkdnY1IxNzhmejVXVHIiLCJtYWMiOiJkZTUzYjI3mYjc4ZGNkMCJ9",
"referer": f"https://www.exploit-db.com/search?cve={cve_id}",
"sec-ch-ua": "'Brave';v='117', 'Not;A=Brand';v='8', 'Chromium';v='117'",
"sec-ch-ua-mobile": "?0",
"sec-ch-ua-platform": "'Windows'",
"sec-fetch-dest": "empty",
"sec-fetch-mode": "cors",
"sec-fetch-site": "same-origin",
"sec-gpc": "1",
"user-agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) "
"Chrome/117.0.0.0 Safari/537.36",
"x-requested-with": "XMLHttpRequest"
}
response = requests.get(url, headers=header)
data = response.json()
records_total = data.get("recordsTotal", 0)
if records_total != 0:
first_exploit_id = data.get("data", [])[0].get("id")
exploit_header = data.get("data", [])[0].get("description")[1]
exploit_script = fetch_exploit_script(first_exploit_id)
return records_total, exploit_header, exploit_script
else:
return "No script available", "No script available", "No script available"
def fetch_exploit_script(exploit_id):
response = requests.get(f"https://www.exploit-db.com/exploits/{exploit_id}", headers=headers)
soup = BeautifulSoup(response.text, "html.parser")
scrip_element = soup.find("code")
script = scrip_element.text if scrip_element else "Script is not available"
return script