| skipped 21 lines |
22 | 22 | | print('[+] Connection from '+ self.client_address[0]) |
23 | 23 | | output = [] |
24 | 24 | | for data in iter(self.rfile.readline, ''): |
25 | | - | term = data.decode().strip() |
26 | | - | if not re.search("^[\w\s:\-\+\.~_]+$", term): |
27 | | - | print("[-] recieved search term with invalid characters: {}".format(term)) |
28 | | - | continue |
| 25 | + | term = data.decode().strip().split(" ") |
| 26 | + | term[-1] = term[-1][:3] #cut down on the last item which should be the version number |
| 27 | + | for splitTerms in term: |
| 28 | + | if not re.search("^[\w\s:\-\+\.~_]+$", term): |
| 29 | + | print("[-] recieved search term with invalid characters: {}".format(term)) |
| 30 | + | break #bad term break so we don't search it |
| 31 | + | else: |
| 32 | + | print('[ ] Searching for: ' + term) |
| 33 | + | proc = subprocess.Popen([_searchsploit, *splitTerms], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) |
| 34 | + | self.wfile.write('{}\n'.format(proc.stdout.read()).encode()) |
29 | 35 | | |
30 | | - | print('[ ] Searching for: ' + term) |
31 | | - | proc = subprocess.Popen([_searchsploit, *splitTerms], stdout=subprocess.PIPE, stderr=subprocess.STDOUT) |
32 | | - | self.wfile.write('{}\n'.format(proc.stdout.read()).encode()) |
33 | 36 | | print('[$] Closing connection from {}\n'.format(self.client_address[0])) |
34 | 37 | | except Exception as e: |
35 | 38 | | print("[-] Caught exception {}. Closing this connection.".format(e)) |
| skipped 6 lines |
42 | 45 | | |
43 | 46 | | |
44 | 47 | | def main(): |
45 | | - | #make sure we have searchsploit accessable |
46 | | - | _searchsploit = which("searchsploit") |
47 | | - | if not _searchsploit: |
48 | | - | print("Please install searchsploit.\nFor more details visit: https://github.com/offensive-security/exploit-database") |
49 | | - | exit(2) |
50 | | - | |
51 | 48 | | exploit = ExploitServer((_IP_, _PORT_), SearchHandler) |
52 | 49 | | print('[ ] Starting server on port ' + str(_PORT_)) |
53 | 50 | | try: |
| skipped 13 lines |
67 | 64 | | _IP_ = args.ip |
68 | 65 | | if args.port: |
69 | 66 | | _PORT_ = args.port |
| 67 | + | |
| 68 | + | #make sure we have searchsploit accessable |
| 69 | + | _searchsploit = which("searchsploit") |
| 70 | + | if not _searchsploit: |
| 71 | + | print("Please install searchsploit.\nFor more details visit: https://github.com/offensive-security/exploit-database") |
| 72 | + | exit(2) |
70 | 73 | | |
71 | 74 | | print("[ ] Starting up") |
72 | 75 | | main() |