hash/FunguyBot
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ExploitDB plugin added

Browse Source
This commit is contained in:
Hash Borgir
2025-10-16 15:35:30 -05:00
parent bb6f6c15f6
commit 4306d013eb
5 changed files with 342 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

62
README.md
View File

@@ -171,6 +171,68 @@ Common Search Filters:
http.title:"admin" - HTTP page title contains http.title:"admin" - HTTP page title contains
``` ```
### 🔍 DNSDumpster Reconnaissance
**🌐 !dnsdumpster [domain]**
Comprehensive DNS reconnaissance and attack surface mapping using DNSDumpster.com API.
**Commands:**
- `!dnsdumpster <domain>` - Complete DNS reconnaissance for any domain
- `!dnsdumpster test` - Test API connection and key validity
**Features:**
- **A Records**: All IPv4 addresses with geographic and ASN information
- **NS Records**: Complete name server information with IP locations
- **MX Records**: All mail servers with geographic data
- **CNAME Records**: Full alias chain mappings
- **TXT Records**: All text records including SPF, DKIM, verification records
- **Additional Records**: AAAA, SRV, SOA, PTR records when available
- **Web Services**: HTTP/HTTPS service detection with banner information
**Examples:**
```bash
!dnsdumpster google.com
!dnsdumpster github.com
!dnsdumpster example.com
!dnsdumpster test
Data Returned:
Total record counts for each type
IP addresses with country and ASN information
Web server banners and technologies
Complete subdomain and host mappings
Geographic distribution of services
Requires DNSDUMPSTER_KEY environment variable in .env file
```
## ExploitDB Plugin
A security plugin that searches Exploit-DB for vulnerabilities and exploits directly from Matrix.
### Features
- Searches the official Exploit-DB CSV database for security exploits
- Provides direct links to exploit details
- Fallback to web search when CSV lookup fails
- Configurable result limits (1-10)
- Formatted output with exploit metadata
### Commands
- `!exploitdb <search term> [max_results]` - Search Exploit-DB for vulnerabilities
### Examples
```
!exploitdb wordpress
!exploitdb apache 3
!exploitdb windows privilege escalation
!exploitdb android 10
```
### Usage Notes
- Maximum results limited to 10 for performance
- Results include: title, EDB-ID, type, platform, author, date, and direct URL
- Includes responsible disclosure reminder
- Automatically falls back to search links if CSV database is unavailable
### AI & Generation Commands ### AI & Generation Commands
**🤖 AI Commands (!tech, !music, !eth, etc.)** **🤖 AI Commands (!tech, !music, !eth, etc.)**

2
funguy.py
View File

@@ -22,7 +22,7 @@ ALLOWED_PLUGINS = {
'ai', 'config', 'cron', 'date', 'fortune', 'help', 'isup', 'karma', 'ai', 'config', 'cron', 'date', 'fortune', 'help', 'isup', 'karma',
'loadplugin', 'plugins', 'proxy', 'sd_text', 'stable-diffusion', 'loadplugin', 'plugins', 'proxy', 'sd_text', 'stable-diffusion',
'xkcd', 'youtube-preview', 'youtube-search', 'weather', 'urbandictionary', 'xkcd', 'youtube-preview', 'youtube-search', 'weather', 'urbandictionary',
'bitcoin', 'dns', 'shodan', 'dnsdumpster' 'bitcoin', 'dns', 'shodan', 'dnsdumpster', 'exploitdb'
} }
class FunguyBot: class FunguyBot:

238
plugins/exploitdb.py Normal file
View File

@@ -0,0 +1,238 @@
"""
This plugin provides a command to search Exploit-DB for security exploits and vulnerabilities.
Uses the searchsploit-style approach with the files.csv database.
"""
import logging
import requests
import csv
import io
import simplematrixbotlib as botlib
from datetime import datetime
# Exploit-DB CSV database URL
EXPLOITDB_CSV_URL = "https://gitlab.com/exploit-database/exploitdb/-/raw/main/files_exploits.csv"
def format_exploit(exploit, index, total):
"""
Format an exploit entry for display.
Args:
exploit (dict): The exploit data.
index (int): Current result index.
total (int): Total number of results.
Returns:
str: Formatted HTML string.
"""
edb_id = exploit.get('id', 'N/A')
title = exploit.get('description', 'No title')
date = exploit.get('date', 'Unknown')
author = exploit.get('author', 'Unknown')
exploit_type = exploit.get('type', 'Unknown')
platform = exploit.get('platform', 'Unknown')
# Build the URL
url = f"https://www.exploit-db.com/exploits/{edb_id}"
output = f"""<strong>💣 Exploit {index}/{total}</strong><br>
<strong>Title:</strong> {title}<br>
<strong>EDB-ID:</strong> {edb_id}<br>
<strong>Type:</strong> {exploit_type} | <strong>Platform:</strong> {platform}<br>
<strong>Author:</strong> {author} | <strong>Date:</strong> {date}<br>
<strong>URL:</strong> <a href="{url}">{url}</a>"""
return output
async def search_exploitdb_csv(query, max_results=5):
"""
Search Exploit-DB CSV database for exploits matching the query.
Args:
query (str): Search term.
max_results (int): Maximum number of results to return.
Returns:
list: List of exploit dictionaries, or None on error.
"""
try:
logging.info(f"Downloading Exploit-DB CSV database...")
headers = {
'User-Agent': 'FunguyBot/1.0',
}
# Download the CSV file
response = requests.get(EXPLOITDB_CSV_URL, headers=headers, timeout=30)
response.raise_for_status()
# Parse CSV
csv_data = response.text
csv_file = io.StringIO(csv_data)
reader = csv.DictReader(csv_file)
# Search through CSV
results = []
query_lower = query.lower()
logging.info(f"Searching CSV for: {query}")
for row in reader:
# Search in description (title) and other fields
description = row.get('description', '').lower()
file_path = row.get('file', '').lower()
if query_lower in description or query_lower in file_path:
exploit = {
'id': row.get('id', 'N/A'),
'description': row.get('description', 'No title'),
'date': row.get('date_published', row.get('date', 'Unknown')),
'author': row.get('author', 'Unknown'),
'type': row.get('type', 'Unknown'),
'platform': row.get('platform', 'Unknown')
}
results.append(exploit)
if len(results) >= max_results:
break
return results
except requests.exceptions.Timeout:
logging.error("Timeout downloading Exploit-DB database")
return None
except requests.exceptions.RequestException as e:
logging.error(f"Error downloading Exploit-DB database: {e}")
return None
except Exception as e:
logging.error(f"Unexpected error searching Exploit-DB: {e}", exc_info=True)
return None
async def search_exploitdb_google(query, max_results=5):
"""
Alternative: Search Exploit-DB using site-specific search.
Returns formatted search URLs instead of parsing.
Args:
query (str): Search term.
max_results (int): Maximum number of results to return.
Returns:
str: Formatted search information.
"""
# Create search URLs
exploitdb_search_url = f"https://www.exploit-db.com/search?q={query}"
google_search_url = f"https://www.google.com/search?q=site:exploit-db.com+{query}"
output = f"""<strong>💣 Exploit-DB Search for: {query}</strong><br><br>
<strong>Direct Search:</strong><br>
<a href="{exploitdb_search_url}">{exploitdb_search_url}</a><br><br>
<strong>Google Site Search:</strong><br>
<a href="{google_search_url}">{google_search_url}</a><br><br>
<em>💡 Tip: You can also use <code>searchsploit</code> command-line tool for offline searches.</em><br>
<em>⚠️ Use responsibly and only on systems you have permission to test.</em>"""
return output
async def handle_command(room, message, bot, prefix, config):
"""
Function to handle the !exploitdb command.
Args:
room (Room): The Matrix room where the command was invoked.
message (RoomMessage): The message object containing the command.
bot (Bot): The bot object.
prefix (str): The command prefix.
config (dict): Configuration parameters.
Returns:
None
"""
match = botlib.MessageMatch(room, message, bot, prefix)
if match.is_not_from_this_bot() and match.prefix() and match.command("exploitdb"):
logging.info("Received !exploitdb command")
args = match.args()
if len(args) < 1:
await bot.api.send_text_message(
room.room_id,
"Usage: !exploitdb <search term> [max_results]\n"
"Examples:\n"
" !exploitdb wordpress\n"
" !exploitdb apache 3\n"
" !exploitdb windows privilege escalation\n"
"Searches Exploit-DB for security vulnerabilities and exploits."
)
logging.info("Sent usage message for !exploitdb")
return
# Check if last argument is a number (max results)
max_results = 5
search_terms = args
if args[-1].isdigit():
max_results = int(args[-1])
if max_results < 1:
max_results = 1
elif max_results > 10:
max_results = 10
search_terms = args[:-1]
query = ' '.join(search_terms)
try:
# Send "searching" message
await bot.api.send_text_message(
room.room_id,
f"🔍 Searching Exploit-DB for: {query}... (this may take a moment)"
)
# Try CSV search first
exploits = await search_exploitdb_csv(query, max_results)
if exploits is None:
# Fallback to providing search links
logging.warning("CSV search failed, providing search links instead")
output = await search_exploitdb_google(query, max_results)
await bot.api.send_markdown_message(room.room_id, output)
return
if not exploits:
# Also provide search links when no results
output = f"No exploits found in local search for: <strong>{query}</strong><br><br>"
output += await search_exploitdb_google(query, max_results)
await bot.api.send_markdown_message(room.room_id, output)
logging.info(f"No exploits found for: {query}")
return
total = len(exploits)
logging.info(f"Found {total} exploit(s) for: {query}")
# Format all results
output = f"<strong>💣 Exploit-DB Search Results for: {query}</strong><br><br>"
for idx, exploit in enumerate(exploits, 1):
output += format_exploit(exploit, idx, total)
output += "<br><br>"
output += f"<em>⚠️ Use responsibly and only on systems you have permission to test.</em>"
# Wrap in collapsible details if more than 2 results
if total > 2:
summary = f"<strong>💣 Exploit-DB: {query}</strong> ({total} results)"
output = f"<details><summary>{summary}</summary>{output}</details>"
await bot.api.send_markdown_message(room.room_id, output)
logging.info(f"Sent {total} exploit(s) for: {query}")
except Exception as e:
await bot.api.send_text_message(
room.room_id,
f"An error occurred while searching Exploit-DB: {str(e)}"
)
logging.error(f"Error in exploitdb plugin: {e}", exc_info=True)

39
plugins/help.py
View File

@@ -126,6 +126,45 @@ async def handle_command(room, message, bot, prefix, config):
<em>Rate Limit: 1 request per 2 seconds</em></p> <em>Rate Limit: 1 request per 2 seconds</em></p>
</details> </details>
<details>
<summary><strong>💣 !exploitdb - Search Exploit Database</strong></summary>
<br>
<strong>Description:</strong><br>
Search Exploit-DB for security vulnerabilities and exploits. Returns detailed information about exploits including EDB-ID, type, platform, author, and direct links to exploit code.<br>
<br>
<strong>Usage:</strong><br>
<code>!exploitdb &lt;search_term&gt; [max_results]</code><br>
<br>
<strong>Parameters:</strong><br>
• <strong>search_term</strong> (required) - Software name, CVE number, or vulnerability type<br>
• <strong>max_results</strong> (optional) - Number of results to return (1-10, default: 5)<br>
<br>
<strong>Examples:</strong><br>
<code>!exploitdb wordpress</code> - Search for WordPress exploits<br>
<code>!exploitdb apache 3</code> - Get 3 Apache exploits<br>
<code>!exploitdb windows privilege escalation</code> - Search for Windows privesc<br>
<code>!exploitdb CVE-2021-44228</code> - Search by CVE number<br>
<code>!exploitdb linux kernel 10</code> - Get 10 Linux kernel exploits<br>
<code>!exploitdb sql injection</code> - Search for SQL injection exploits<br>
<br>
<strong>Output Includes:</strong><br>
• Exploit title and description<br>
• EDB-ID (Exploit Database ID)<br>
• Exploit type (webapps, local, remote, etc.)<br>
• Platform/OS (PHP, Linux, Windows, etc.)<br>
• Author name<br>
• Publication date<br>
• Direct link to full exploit code<br>
<br>
<strong>Notes:</strong><br>
• Searches the official Exploit-DB CSV database<br>
• May take a few seconds on first use (downloads database)<br>
• Falls back to search links if database unavailable<br>
<br>
<em>⚠️ Use responsibly and only on systems you have permission to test.</em>
</details>
<details><summary>📸 <strong>!sd [prompt]</strong></summary> <details><summary>📸 <strong>!sd [prompt]</strong></summary>
<p>Generates images using self-hosted Stable Diffusion. Supports options: --steps, --cfg, --h, --w, --neg, --sampler. Uses queuing system to handle multiple requests. See available options using just '!sd'.</p> <p>Generates images using self-hosted Stable Diffusion. Supports options: --steps, --cfg, --h, --w, --neg, --sampler. Uses queuing system to handle multiple requests. See available options using just '!sd'.</p>
</details> </details>

3
plugins/loadplugin.py
View File

@@ -61,7 +61,8 @@ async def load_plugin(plugin_name):
'bitcoin':'plugins.bitcoin', 'bitcoin':'plugins.bitcoin',
'dns':'plugins.dns', 'dns':'plugins.dns',
'shodan':'plugins.shodan', 'shodan':'plugins.shodan',
'dnsdumpster': 'plugins.dnsdumpster' 'dnsdumpster': 'plugins.dnsdumpster',
'exploitdb': 'plugins.exploitdb'
} }
# Get the module path from the mapping # Get the module path from the mapping