Monday, January 13, 2014

Searchsploit-rb - Exploit-DB Search Tool gets an upgrade?

Exploit-DB is pretty famous for their collection of exploits and papers and if you are not familiar with them then then you should use some Google-fu to check up on them. They should be a bookmark found in pretty much any hackers handbook. In the past they had made their full archive available for download over HTTP, which was shaky at best and unless you scheduled it with cron or something you never knew if you had the latest and greatest and updating from a scripted manner was not always reliable (for me anyways). I had previously coded this tool in the past for the old archive methods, but today I noticed on Reddit they have moved to Github - w00t! This makes things much easier for everyone, well most people anyway.

Now they have had their archive collection for some time and the searchsploit bash script works just fine, however it can be too simplistic at times and not yield the results we want, unless you match your search syntax to its janky search method. It also lacks color and output logging. I had some time this morning so I decided to update my old script to take advantage of the simplicity of Github to allow easy fetching of new copies and/or updating existing ones. I also added a bit of color to the presentation of the results. It's very helpful for me so thought I would share with the rest of you...

To download exploit-db archives on your own from command line using normal git client:
COMMAND: git clone https://github.com/offensive-security/exploit-database.git

Then to update from command line when you want, you simply pull:
COMMAND: git pull

This can all be done from within my tool so now you can update and search from one place :) Here is a quick overview and a link to my Github page where you can find it.

Help Menu:



If it can't find the archive setup, it will offer to download via git for you:

Search by a range of options with option to log results to file:


NOTE: this can be handy when you get a lot of results (SQL Injection searches mostly...)

Easy peazy updating now that things can leverage Github:



You can find things on my Github page:
git clone https://github.com/Hood3dRob1n/Exploit-DB-Local-Archive-Search-Tool.git

Should only need to install the 'colorize' gem to get things started with ruby:
sudo gem install colorize





Special thanks to everyone on the Offesive Security
 team that helps to make exploit-db and all of their other awesome projects possible!

Until next time, enjoy!

Wednesday, January 8, 2014

Shodan Search Tool w/My Ruby API Class

Today I just wanted to share a little something I made for Shodan. If you don't know what Shodan is, then I highly recommend you check them out and do some quick googling to see what others have done with its help. I initially tried using their published ruby gem and published API documentation but it failed miserably (likely could just be me, but seems their code is outdated with how their site provides output now, idk). I really like Shodan though so I decided to create my own version of their API so I could get started on making a cool search assistant I can run from the command line with some basic logging for analysis after. Once I finished redoing the API class, I made a little CLI based search tool to make quick Shodan research a snap and am now sharing with the rest of the world, hope its helpful for others.

Prerequisites:
sudo gem install colorize curb json nokogiri

NOTE: curb uses libcurl under the hood so you might need to install this if not already included on your OS

Basic Help Menu:


You can run a basic Shodan search and display the results, which are also logged to the results folder.


The logged results are overwritten on each search so you need to rename it or move it if you want to use it later and plan to run multiple searches.

I also made option for quick search which runs a Shodan search and returns the list of IP addresses from results, skipping all the details. I typically run a normal search, then a follow up quick search on same keywords to pass of lists to other tools in a speedy fashion while manual review is more involved with the full search results...

Shodan also offers up a nice search feature to search for exploits which leverages multiple exploit databases. I currently have the Exploit-db and Metasploit search engines available and fully working. This means you can easily search for known exploits with variety of keywords and get matching results displayed and logged for you.

You can even download the exploit/poc code from search results by referencing the ID number from results.

ToDo List:
Include options to search tool for premium search options (somewhat built into my API Class already but not in tool). Include a Gemfile for easy installs for bundler lovers. Also I have not uploaded things to Github yet as I fried my old box and lost a lot of stuff, working on recovery still but should have it updated soon. Until then you can find things on Pastebin, available for a long while...

My Shodan API Standalone Class:

Direct link: http://pastebin.com/q6LZJqcD


My Shodan API Search Tool, Source Code:

Direct Link: http://pastebin.com/B0SdmmrX

Helpful for me, hope it is for you too!

Until next time, Enjoy!