Merge pull request #26 from olgaKiseleva/master

Support of Vulners API v.2

Author: vulnersCom

README.md

@@ -1,15 +1,15 @@
 # getsploit
 
 [![Current Release](https://img.shields.io/github/release/vulnersCom/getsploit.svg "Current Release")](https://github.com/vulnersCom/getsploit/releases/latest)
-[![Downloads](https://img.shields.io/github/downloads/vulnersCom/getsploit/total.svg "Downloads")](https://github.com/vulnersCom/getsploit/releases) [![PayPal](https://img.shields.io/badge/donate-PayPal-green.svg)](https://paypal.me/videns)
+[![Downloads](https://img.shields.io/github/downloads/vulnersCom/getsploit/total.svg "Downloads")](https://github.com/vulnersCom/getsploit/releases) 
 
 # Description
 Inspired by [searchsploit](https://github.com/offensive-security/exploit-database/blob/master/searchsploit), it combines two features: command line search and download tool.
 It allows you to search online for the exploits across all the most popular collections: *Exploit-DB*, *Metasploit*, *Packetstorm* and others.
 The most powerful feature is immediate *exploit source download* right in your working path.
 
 # Python version
-Utility was tested on *python2.6*, *python2.7*, *python3.6* with SQLite FTS4 support. If you have found any bugs, don't hesitate to create an issue
+Utility was tested on *python2.7*, *python3.8+* with SQLite FTS4 support. If you have found any bugs, don't hesitate to create an issue
 
 # How to use
 

getsploit/getsploit.py

@@ -2,7 +2,7 @@
 # -*- coding: utf-8 -*-
 from __future__ import division
 
-__version__ = "0.3.3"
+__version__ = "1.0.0"
 
 import json
 import vulners
@@ -49,16 +49,25 @@
     LOCAL_SEARCH_AVAILABLE = False
 
 
-class sploitVulners(vulners.Vulners):
+class sploitVulners(vulners.VulnersApi):
 
-    api_endpoints = {
-        'search': "/api/v3/search/lucene/",
-        'software': "/api/v3/burp/software/",
-        'apiKey': "/api/v3/apiKey/valid/",
-        'searchsploitdb': "/api/v3/archive/getsploit/"
-    }
+    default_fields = (
+        "id",
+        "title",
+        "description",
+        "type",
+        "bulletinFamily",
+        "cvss",
+        "published",
+        "modified",
+        "lastseen",
+        "href",
+        "sourceHref",
+        "sourceData",
+        "cvelist",
+    )
 
-    def searchExploit(self, query, lookup_fields=None, limit=500, offset=0, fields=None):
+    def searchExploit(self, query, lookup_fields=None, limit=500, offset=0, fields=default_fields):
 
         if lookup_fields:
             if not isinstance(lookup_fields, (list, set, tuple)) or not all(isinstance(item, string_types) for item in lookup_fields):
@@ -68,27 +77,16 @@ def searchExploit(self, query, lookup_fields=None, limit=500, offset=0, fields=N
         else:
             searchQuery = "bulletinFamily:exploit AND %s" % query
 
-        total_bulletins = limit or self._Vulners__search(searchQuery, 0, 0, ['id']).get('total')
-        total = 0
-        dataDocs = []
+        dataDocs = self.find_all(searchQuery, offset=offset, limit=limit, fields=fields)
 
-        for skip in range(offset, total_bulletins, min(self.search_size, limit or self.search_size)):
-            results = self._Vulners__search(searchQuery, skip, min(self.search_size, limit or self.search_size), fields or self.default_fields + ['sourceData'])
-            total = max(results.get('total'), total)
-            for element in results.get('search'):
-                dataDocs.append(element.get('_source'))
         return searchQuery, dataDocs
 
     def downloadGetsploitDb(self, full_path):
         print("Downloading getsploit database archive. Please wait, it may take time. Usually around 5-10 minutes.")
-        # {'apiKey':self._Vulners__api_key}
-        download_request = self._Vulners__opener.get(self.vulners_urls['searchsploitdb'], stream = True)
+
+        download_request = self.getsploit()
         with open(full_path, 'wb') as f:
-            total_length = int(download_request.headers.get('content-length'))
-            for chunk in progress.bar(download_request.iter_content(chunk_size=1024), expected_size=(total_length / 1024) + 1):
-                if chunk:
-                    f.write(chunk)
-                    f.flush()
+            f.write(download_request)
         print("\nUnpacking database.")
         zip_ref = zipfile.ZipFile(full_path, 'r')
         zip_ref.extractall(DBPATH)
@@ -192,8 +190,6 @@ def main():
                 os.unlink(KEYFILE)
             raise exc
 
-        vulners_lib._Vulners__opener.headers.update({'User-Agent': 'Vulners Getsploit %s' % __version__})
-
         with open(KEYFILE, 'w') as key_file:
             key_file.write(api_key)