crash.software
Projects
Pull Requests
Issues
Builds
linuxprivchecker
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY linuxprivchecker Commits 17d166fc
🤬

  • moved searchsploit check to pre-main() and made the search loop cleaner?

  • Loading...
  • linted committed 6 years ago
    17d166fc
    1 parent f98377ed
Revision indexing in progress... (symbol navigation in revisions will be accurate after indexed)
  • ■ ■ ■ ■ ■ ■
    privcheckerserver.py
    skipped 21 lines
    22 22   print('[+] Connection from '+ self.client_address[0])
    23 23   output = []
    24 24   for data in iter(self.rfile.readline, ''):
    25  - term = data.decode().strip()
    26  - if not re.search("^[\w\s:\-\+\.~_]+$", term):
    27  - print("[-] recieved search term with invalid characters: {}".format(term))
    28  - continue
     25 + term = data.decode().strip().split(" ")
     26 + term[-1] = term[-1][:3] #cut down on the last item which should be the version number
     27 + for splitTerms in term:
     28 + if not re.search("^[\w\s:\-\+\.~_]+$", term):
     29 + print("[-] recieved search term with invalid characters: {}".format(term))
     30 + break #bad term break so we don't search it
     31 + else:
     32 + print('[ ] Searching for: ' + term)
     33 + proc = subprocess.Popen([_searchsploit, *splitTerms], stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
     34 + self.wfile.write('{}\n'.format(proc.stdout.read()).encode())
    29 35   
    30  - print('[ ] Searching for: ' + term)
    31  - proc = subprocess.Popen([_searchsploit, *splitTerms], stdout=subprocess.PIPE, stderr=subprocess.STDOUT)
    32  - self.wfile.write('{}\n'.format(proc.stdout.read()).encode())
    33 36   print('[$] Closing connection from {}\n'.format(self.client_address[0]))
    34 37   except Exception as e:
    35 38   print("[-] Caught exception {}. Closing this connection.".format(e))
    skipped 6 lines
    42 45  
    43 46   
    44 47  def main():
    45  - #make sure we have searchsploit accessable
    46  - _searchsploit = which("searchsploit")
    47  - if not _searchsploit:
    48  - print("Please install searchsploit.\nFor more details visit: https://github.com/offensive-security/exploit-database")
    49  - exit(2)
    50  - 
    51 48   exploit = ExploitServer((_IP_, _PORT_), SearchHandler)
    52 49   print('[ ] Starting server on port ' + str(_PORT_))
    53 50   try:
    skipped 13 lines
    67 64   _IP_ = args.ip
    68 65   if args.port:
    69 66   _PORT_ = args.port
     67 + 
     68 + #make sure we have searchsploit accessable
     69 + _searchsploit = which("searchsploit")
     70 + if not _searchsploit:
     71 + print("Please install searchsploit.\nFor more details visit: https://github.com/offensive-security/exploit-database")
     72 + exit(2)
    70 73   
    71 74   print("[ ] Starting up")
    72 75   main()
Please wait...
Page is in error, reload to recover