Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

PaulSec/exploitdb-json-api

BranchesTags
Open more actions menu

Repository files navigation

exploitdb-json-api

JSON API for ExploitDB Website

Requirements

Install NodeJS, and a MySQL database.

How to install it?

Clone my repo and the submodule (Exploit database repo). To do so:

git clone --recursive https://github.com/PaulSec/exploitdb-json-api.git
cd exploitdb-json-api

Then, create database and exploits table using the sql file:

mysql -uroot < create.sql

Move or copy files.csv (from Exploitdb project in /tmp/) and change the permissions to the file

mv exploitdb/files.csv /tmp/files.csv
chown mysql:mysql /tmp/files.csv

Import the data in the database:

LOAD DATA INFILE "/tmp/files.csv"
INTO TABLE exploitdb.exploits
FIELDS TERMINATED BY ','
ENCLOSED BY '"'
LINES TERMINATED BY '\n'
IGNORE 1 ROWS;

And finally (pfewww), change credentials to access the db in the model.js file.

Launch it

Two commands will do it:

npm install
node server.js

Use it

Server should be accessible at:

http://127.0.0.1:8080/exploits

This will retrieve you ALL the exploits (Be careful).

Filtering

Filter by Author:

http://127.0.0.1:8080/exploits?author=paul

Filter by Description:

http://127.0.0.1:8080/exploits?description=Linux

Filter by Date:

You can search older exploits specifying the before filter (equivalent to a <=).

http://127.0.0.1:8080/exploits?before=2005

Or the after one (equivalent to a >=):

http://127.0.0.1:8080/exploits?after=2005

Filter by Type:

http://127.0.0.1:8080/exploits?type=dos

Different type are: remote, local, webapps, dos, shellcode.

Filter by Platform:

http://127.0.0.1:8080/exploits?platform=linux

Different platform are: windows, linux, solaris, php, osx, bsd, cgi, hardware, multiple, hp-ux, tru64, sco, novell, irix, unix, aix, win32, ultrix, asp, qnx, plan9, jsp, openbsd, minix, freebsd, android, ios, netbsd_x86, bsd_ppc, bsd_x86, bsdi_x86, freebsd_x86, freebsd_x86-64, generator, lin_amd64, linux_mips, linux_ppc, linux_sparc, lin_x86, lin_x86-64, openbsd_x86, osx_ppc, sco_x86, solaris_sparc, solaris_x86, unixware, win64, arm, cfm, netware, sh4, java, beos, immunix, palm_os, atheos, mips, xml.

Filter by Port:

http://127.0.0.1:8080/exploits?port=80

Combining filters

Obviously, you can combine them all:

http://127.0.0.1:8080/exploits?author=paul&description=Linux&before=2005&type=dos

Getting information about a specific exploit

http://127.0.0.1:8080/exploits/2/

returns you a JSON response which looks like:

[{"id":2,"file":"platforms/windows/remote/2.c","description":"Microsoft Windows WebDAV - Remote PoC Exploit","_date":"2003-03-24T00:00:00.000Z","author":"RoMaNSoFt","platform":"windows","type":"remote","port":"80"}]

Retrieving a specific PoC

http://127.0.0.1:8080/exploits/2/attachment

retrieves you the attachment (the exploit file) for the exploit using the id 2.

Contributing

You want to help me creating a Webapp interface? You found a bug? Create an issue or contact me via Twitter @PaulWebSec.

License

MIT License. Exploit-Database is a project sponsored by Offensive Security.

About

JSON API for ExploitDB Website

Resources

Readme

License

MIT license
Activity

Stars

17 stars

Watchers

0 watching

Forks

7 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages
Morty Proxy This is a proxified and sanitized view of the page, visit original site.