After I downloaded some exploits for wordpress how would I use them?

sorry for retarded question.

First Thanks for this package!

using: python 3.5.0 on anaconda continuum
I had an issue UnicodeEncodeError: 'charmap' codec can't encode character I couldn't debug it.

~\Documents\GitHub\getsploit [master ≡]> python getsploit.py django
Total found exploits: 41
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit+AND+django
Traceback (most recent call last):
  File "getsploit.py", line 673, in <module>
    main()
  File "getsploit.py", line 670, in main
    print(outputTable.draw())
  File "C:\Users\Jeffrey\Miniconda3\lib\encodings\cp437.py", line 19, in encode
    return codecs.charmap_encode(input,self.errors,encoding_map)[0]
UnicodeEncodeError: 'charmap' codec can't encode character '\uff09' in position 598: character maps to <undefined>

When I add a return (out[:-1]).encode('utf-8') into line 313 the output is not well formatted.

I cannot download database using "getsploit --update", the download hangs before 25% (sometimes before 4% !).
I tried from different devices, internet sources...

Any ideas ?

Regards,

python script on mac , full text search sqlite database, tips:Your SQLite3 library does not support FTS4.， recompile sqlite， command "pragma compile_options" shows ENABLED_ FTS4，but python script still shows not support FTS4. Any solution？
system & program version
macos Sierra develop beta3
python 2.7.13
sqlite3 3.19.3

After I enter my API key, this error message always shows up
Traceback (most recent call last): File "$HOME/Library/Python/2.7/bin/getsploit", line 8, in <module> sys.exit(main()) File "$HOME/Library/Python/2.7/lib/python/site-packages/getsploit/getsploit.py", line 189, in main vulners_lib = sploitVulners(api_key=api_key) File "$HOME/Library/Python/2.7/lib/python/site-packages/vulners/api.py", line 120, in __init__ max_retries=retries)

Hi,
I get the following when issuing the following command: getsploit -u:
is this an error handling routine issue?

Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.
39084032/336659441 [11.61%]Traceback (most recent call last):
File "/usr/local/bin/getsploit", line 11, in
sys.exit(main())
File "/usr/local/lib/python2.7/dist-packages/getsploit/getsploit.py", line 731, in main
downloadVulnersGetsploitDB(DBPATH)
File "/usr/local/lib/python2.7/dist-packages/getsploit/getsploit.py", line 636, in downloadVulnersGetsploitDB
downloadFile(vulnersURL['updateAPI'], archiveFileName, progress_callback=progress_callback_simple)
File "/usr/local/lib/python2.7/dist-packages/getsploit/getsploit.py", line 608, in downloadFile
_download_helper(response,out_file,file_size)
File "/usr/local/lib/python2.7/dist-packages/getsploit/getsploit.py", line 590, in _download_helper
buffer = response.read(block_size)
File "/usr/lib/python2.7/socket.py", line 384, in read
data = self._sock.recv(left)
File "/usr/lib/python2.7/httplib.py", line 597, in read
s = self.fp.read(amt)
File "/usr/lib/python2.7/socket.py", line 384, in read
data = self._sock.recv(left)
File "/usr/lib/python2.7/ssl.py", line 772, in recv
return self.read(buflen)
File "/usr/lib/python2.7/ssl.py", line 659, in read
v = self._sslobj.read(len)
socket.error: [Errno 104] Connection reset by peer

Was just random typing. Works fine if I search for Kernel 4.0

Total found exploits: 6
Web-search URL: https://vulners.com/search?query=bulletinFamily%3Aexploit+AND+kernel+4.0.2
Traceback (most recent call last):
File "./getsploit.py", line 807, in
main()
File "./getsploit.py", line 801, in main
print(outputTable.draw().decode('ascii', 'ignore'))
UnicodeEncodeError: 'ascii' codec can't encode characters in position 2613-2620: ordinal not in range(128)

la-la-2:getsploit none$ getsploit --update
Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.
[################################] 276048/427041 - 00:01:35

Unpacking database.
Traceback (most recent call last):
File "/Users/none/.pyenv/versions/3.6.5/bin/getsploit", line 11, in
load_entry_point('getsploit==0.3.3', 'console_scripts', 'getsploit')()
File "/Users/none/.pyenv/versions/3.6.5/lib/python3.6/site-packages/getsploit-0.3.3-py3.6.egg/getsploit/getsploit.py", line 204, in main
vulners_lib.downloadGetsploitDb(os.path.join(DBPATH, "getsplit.db.zip"))
File "/Users/none/.pyenv/versions/3.6.5/lib/python3.6/site-packages/getsploit-0.3.3-py3.6.egg/getsploit/getsploit.py", line 93, in downloadGetsploitDb
zip_ref = zipfile.ZipFile(full_path, 'r')
File "/Users/none/.pyenv/versions/3.6.5/lib/python3.6/zipfile.py", line 1108, in init
self._RealGetContents()
File "/Users/none/.pyenv/versions/3.6.5/lib/python3.6/zipfile.py", line 1175, in _RealGetContents
raise BadZipFile("File is not a zip file")
zipfile.BadZipFile: File is not a zip file

Breaks on line 664. Not sure what the problem is, whether the weird way you call print() or (more likely) something wrong with pathname2urlHandler(finalQuery).

Win7 Pro 64-bit, Python 2.7.6, sample output:

python getploit.py smb

Total found exploits: 850
Traceback (most recent call last):
  File "getsploit.py", line 672, in <module>
    main()
  File "getsploit.py", line 664, in main
    print("Web-search URL: %s" % 'https://vulners.com/search?query=%s' % pathname2urlHandler(finalQuery))
  File "C:\Python\lib\nturl2path.py", line 58, in pathname2url
    raise IOError, error
IOError: Bad path: bulletinFamily:exploit AND smb

Hello,

getsploit -j "CVE-2018-1001"

return exploits for the specific CVE BUT ALSO for other exploits (example return exploit about EURLEROS_SA-2018-1001 that talks about CVE-2018-5715 and not CVE-2018-1001) :-(

Any ideas ?

Regards

Hello,
Could you provide a real offline mode ?

Because to date, getsploit still needs an Internet connection even with the offline database, as one of the first actions in the script is to call this function which performs a check of the authenticity of the key.

Cheers.

My environment is as follows.
Ubuntu : 16.04.3
Python : 2.7.12

    ./getsploit.py -u
    Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.
    Traceback (most recent call last):
        File "./getsploit.py", line 802, in <module>
            main()
        File "./getsploit.py", line 743, in main
            downloadVulnersGetsploitDB(DBPATH)
        File "./getsploit.py", line 648, in downloadVulnersGetsploitDB
            downloadFile(vulnersURL['updateAPI'], archiveFileName, progress_callback=progress_callback_simple)
        File "./getsploit.py", line 619, in downloadFile
            file_size = int(meta.getheaders("Content-Length")[0])
    IndexError: list index out of range

Hi,

When I tried to update getsploit database, I got this error:

/usr/local/lib/venvs/getsploit/lib/python3.9/site-packages/vulners/vulners.py:439: DeprecationWarning: Vulners is deprecated and will be removed in future release. Use VulnersApi instead.
  warnings.warn(
Traceback (most recent call last):
  File "/usr/local/bin/getsploit", line 8, in <module>
    sys.exit(main())
  File "/usr/local/lib/venvs/getsploit/lib/python3.9/site-packages/getsploit/getsploit.py", line 195, in main
    vulners_lib._Vulners__opener.headers.update({'User-Agent': 'Vulners Getsploit %s' % __version__})
AttributeError: 'sploitVulners' object has no attribute '_Vulners__opener'

Any idea ?

Hello,

Is it plan to support local database with 'cvelist' argument ?

Regards,

UpdateAPI https://vulners.com/api/v3/archive/getsploit/ is returning an empty sqlite database, can you take a look at it?

I'm expecting a ~900M zip file.

Hello there,

In its pip package getsploit informs that Python 2 is supported to run it.
But in Python 2 os.makedirs does not have an exist_ok option so it does not work:

New in version 3.2: The exist_ok parameter.

Cheers.

Hello,

We don't have same result when trying to get exploits using following commands:

• getsploit -j cvelist:CVE-2019-5521
  --> exploit not found. OK

• getsploit -j cvelist:CVE-2019-5684
  --> exploit not found. OK

• but, getsploit -j cvelist:CVE-2019-5521,CVE-2019-5684
  --> several exploits found but there is no link between result and CVE Ids given in input.

Any Idea ?

Regards,

Hi,
can you please push the missing git tags like 0.3.1 - 0.3.3? It would be great to always have a matching tag available.
This would make it easier to potentially package this tool in a distro. thank you very much 🐈

When you first launch latest version of getsploit and enter the API key you can by chance entering spaces and see this output:

linxon@cirno-chan ~/.getsploit $ getsploit 
To use getsploit you need to obtain Vulners API key at https://vulners.com
Please, enter API key:     asd    
Traceback (most recent call last):
  File "/usr/lib/python-exec/python3.6/getsploit", line 11, in <module>
    load_entry_point('getsploit==0.3.2', 'console_scripts', 'getsploit')()
  File "/usr/lib64/python3.6/site-packages/getsploit/getsploit.py", line 145, in main
    vulners_lib = sploitVulners(api_key=api_key)
  File "/usr/lib64/python3.6/site-packages/vulners/api.py", line 102, in __init__
    if api_key and not self.__validKey(api_key):
  File "/usr/lib64/python3.6/site-packages/vulners/api.py", line 199, in __validKey
    return self.vulners_post_request('apiKey', {'keyID':api_key}).get('valid')
AttributeError: 'bytes' object has no attribute 'get'