ExploitTree Search Engine

From SecurityForest

There is a file called bids.txt in the root directory of the ExploitTree (ie. Local Copy on all users harddrives). This file MUST be that basis for the search engine. It is automatically created by a script written by Loni (the file should actually be updated, its been a while).
Anyway, the bids.txt file consists of the following:

:bid:description:exploitname

Example use of the file is as follows:

D:\Data\tools\SF\ExploitTree>cat bids.txt |grep dcom
:8205:Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability:dcomrpc.c
:8205:Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability:dcom.c
:8205:Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability:07.30.dcom48.c
:8205:Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability:30.07.03.dcom.c
:8205:Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability:0x82-dcomrpc_usemgret.c
:8205:Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability:oc192-dcom.c
:8205:Microsoft Windows DCOM RPC Interface Buffer Overrun Vulnerability:msrpc_dcom_ms03_026.pm
:9529:PhpGedView Editconfig_gedcom.php Directory Traversal Vulnerability:
:10599:Linux Kernel Broadcom 5820 Cryptonet Driver Integer Overflow Vulnerability:

If you have just finished a vulnerability scan with say, nessus, it outputs the bid's of the vulnerabilities it has found, you can use them to search for an exploit as follows:

D:\Data\tools\SF\ExploitTree>cat bids.txt |grep :5976:
:5976:Cisco CatOS CiscoView HTTP Server Buffer Overflow Vulnerability:ciscoMultipleVulnsExploit.pl

Now, the search engine should parse the output of the grep for the exploitname, search for it in the tree, then take the user to the relevant directory.

Do you see where I'm going with this ???
Loni 02:45, 23 Dec 2004 (IST)

Comments:

Gotcha 02:49, 24 Dec 2004 (IST) Sure. I will have a look on that.

xsearch.pl (ExploitTree Search Script)

A script called xsearch.pl is available in the root directory of the ExploitTree. I wrote it a while back when I created the bids.txt file, it should give you abit of insite. Enjoy. Loni