exploitoncli.php

<?php

/*
   ,------------------------------,
   | Author: R00Tmars             |
   | Email: mdk2@protonmai.com    |
   | GitHub: github.com/r00tmars  |
   | Twitter: @sr_mdk             |
   '------------------------------'

The best offline exploit database

Código escrito com a bunda e com muito amor

*/

@define(dirsep, DIRECTORY_SEPARATOR);
@define(versao, "BETA");

if(!file_exists("files")){
 mkdir("files");
}
if(!file_exists("update")){
 mkdir("update");
}


## OPT
$long_opt = array('search:',
                  'update::',
				  'about::', 'help::', 
				  'down::');
$opt = getopt('h::s:a::d::', $long_opt);

####################################################################
## GENERAL FUNCTION's
function banner(){
 echo "\033[0;37m
                                   ,,           ,,                                                              
\033[0;31m `7MM\"\"\"YMM\033[0;37m                      `7MM           db   mm \033[0;31m    .g8\"\"8q.\033[0;37m          \033[0;31m      .g8\"\"\"bgd \033[0;37m`7MMF'      `7MMF'
\033[0;31m   MM    `7\033[0;37m                        MM                MM   \033[0;31m.dP'    `YM.  \033[0;37m          \033[0;31m.dP'     `M   \033[0;37mMM          MM
\033[0;31m   MM   d\033[0;37m    `7M'   `MF'`7MMpdMAo. MM  ,pW\"Wq.`7MM mmMMmm\033[0;31m dM'      `MM \033[0;37m`7MMpMMMb.\033[0;31m dM'       ` \033[0;37m  MM          MM
\033[0;31m   MMmmMM\033[0;37m      `VA ,V'    MM   `Wb MM 6W'   `Wb MM   MM   \033[0;31mMM        MM   \033[0;37mMM    MM \033[0;31mMM           \033[0;37m MM          MM
\033[0;31m   MM   Y  , \033[0;37m    XMX      MM    M8 MM 8M     M8 MM   MM   \033[0;31mMM.      ,MP   \033[0;37mMM    MM \033[0;31mMM.          \033[0;37m MM      ,   MM
\033[0;31m   MM     ,M \033[0;37m  ,V' VA.    MM   ,AP MM YA.   ,A9 MM   MM   \033[0;31m`Mb.    ,dP'   \033[0;37mMM    MM \033[0;31m`Mb.     ,'  \033[0;37m MM     ,M   MM
\033[0;31m .JMMmmmmMMM\033[0;37m .AM.   .MA.  MMbmmd'.JMML.`Ybmd9'.JMML. `Mbmo\033[0;31m  `\"bmmd\"'   \033[0;37m.JMML  JMML.\033[0;31m `\"bmmmd' \033[0;37m .JMMmmmmMMM .JMML.
                          MM
                        .JMML.
                        
\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\033[0;37m

 TOOL NAME \033[0;30m|\033[0;37m ExploitOnCLI \"aka\" EOC
 VERSION   \033[0;30m|\033[0;37m \033[0;31m".versao."\033[0;37m
 AUTOR     \033[0;30m|\033[0;37m ROOTmars(@sr_mdk)
 CONTACT   \033[0;30m|\033[0;37m mdk2@protonmail.com
 PATH      \033[0;30m|\033[0;37m ".getcwd()."
 
\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------
\033[0;37m
 HELP:: ".$_SERVER['PHP_SELF']." --halp
 USAGE: ".$_SERVER['PHP_SELF']." --search/-s
    EX: ".$_SERVER['PHP_SELF']." --search 'DokuWiki'
\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\n\n\033[0;37m";

$fu = array("siph0n.txt", "iedb.txt", "exploitdb.txt", "exploit4arab.txt", "packetstorm.txt", "cxsecurity.txt");

$fil = null;
foreach($fu as $f){ 
 if(!file_exists("update/{$f}")){ 
  $fil[] = $f; 
 }
}

if($fil != null){ 
 echo "\n \033[1;31m* \033[1;37m This files are \033[0;31mmissing\033[0;37m: \033[0;31m".$fil[0];
 unset($fil[0]);

 foreach($fil as $a){ echo "\033[0;30m, \033[0;31m".$a; }

 echo "\n \033[1;31m*\033[1;37m  You must run the \033[0;31m".$_SERVER['PHP_SELF']." --update\033[1;37m option on the next initializing\n\n\033[0;37m
\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\033[0;37m";
}

}

function about(){
die("         ,,                                   
        *MM                             mm    
         MM                             MM    
,6\"Yb.  MM,dMMb.   ,pW\"Wq.`7MM  `7MM mmMMmm  
8)   MM  MM    `Mb 6W'   `Wb MM    MM   MM    
 ,pm9MM  MM     M8 8M     M8 MM    MM   MM    
8M   MM  MM.   ,M9 YA.   ,A9 MM    MM   MM    
`Moo9^Yo.P^YbmdP'   `Ybmd9'  `Mbod\"YML. `Mbmo \n
\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\033[0;37m

 \033[0;31mTO RUN THE SCRIPT\033[0;37m
 \033[0;30m-----------------\033[0;37m
 
  PHP Version       7.0.19-1 (cli)
   php7.0-cli        Lib
  cURL support      Enabled
   php7.0-curl       Lib
  cURL Version      7.52.1
  allow_url_fopen   On
  Permission        Writing/Reading
 
 \033[0;31mABOUT DEVELOPER\033[0;37m
 \033[0;30m-----------------\033[0;37m
  Autor             ROOTmars
  Email             mdk2@protonmail.com
  Twitter           https://twitter.com/sr_mdk
  Github            https://github.com/r00tmars
 
 \033[0;31mABOUT TOOL\033[0;37m
 \033[0;30m-----------------\033[0;37m
 
 \033[0;31mE\033[0;37mxploit\033[0;31mO\033[0;37mn\033[0;37mC\033[0;31mLI\033[0;37m or '\033[0;31mEOC\033[0;37m' is a tool written in PHP for Linux, 
 designed to search for exploits in multiple exploit 
 databases (no online search will be performed, but yes in a local file), the databases are:
 
  \033[0;31m*\033[0;37m Siph0n
  \033[0;31m*\033[0;37m IEDB
  \033[0;31m*\033[0;37m Exploit-DB
  \033[0;31m*\033[0;37m CXSecurity
  \033[0;31m*\033[0;37m PacketStorm
  \033[0;31m*\033[0;37m Exploit4Arab

\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\033[0;37m
");
}

function help(){
die("  ,,                 ,,            
`7MM               `7MM            
  MM                 MM            
  MMpMMMb.  .gP\"Ya   MM `7MMpdMAo. 
  MM    MM ,M'   Yb  MM   MM   `Wb 
  MM    MM 8M\"\"\"\"\"\"  MM   MM    M8 
  MM    MM YM.    ,  MM   MM   ,AP 
.JMML  JMML.`Mbmmd'.JMML. MMbmmd'  
                          MM       
                        .JMML.\n 

 \033[0;31mOPTIONS\033[0;37m
 \033[0;30m-----------------\033[0;37m

                                      Simple search:\033[1;37m root@root ~ \033[1;34m#\033[1;37m php eoc.php \033[0;31m--search\033[0;30m/\033[0;31m-s\033[0;37m
                                                 EX:\033[1;37m root@root ~ \033[1;34m#\033[1;37m php eoc.php \033[0;31m--search\033[0;30m/\033[0;31m-s\033[0;37m \033[1;37mRobotCPA\033[0;37m

                                      Simple update:\033[1;37m root@root ~ \033[1;34m#\033[1;37m php eoc.php \033[0;31m--update\033[0;37m

                         Update a specific database:\033[1;37m root@root ~ \033[1;34m#\033[1;37m php eoc.php \033[0;31m--update=\033[1;37mDBS\033[0;37m
                                                 EX:\033[1;37m root@root ~ \033[1;34m#\033[1;37m php eoc.php \033[0;31m--update=\033[1;37miedb\033[0;37m
                                                EX2:\033[1;37m root@root ~ \033[1;34m#\033[1;37m php eoc.php \033[0;31m--update=\033[1;37miedb,packetstorm\033[0;37m
                     
                                           For help:\033[1;37m root@root ~ \033[1;34m#\033[1;37m php eoc.php \033[0;31m--help\033[0;30m/\033[0;31m-h\033[0;37m

                                        For 'about':\033[1;37m root@root ~ \033[1;34m#\033[1;37m php eoc.php \033[0;31m--about\033[0;30m/\033[0;31m-a\033[0;37m 
                
 Option to download the results to the local folder:\033[1;37m root@root ~ \033[1;34m#\033[1;37m php eoc.php \033[0;31m--down\033[0;30m/\033[0;31m-d\033[0;37m 
                
                
                
                
                \n\n");





}

####################################################################
## BROWSER
function getsource($url){

 $cURL      = curl_init($url); // indicando a URL 
              curl_setopt($cURL, CURLOPT_USERAGENT, UserAgent()); // Setando o UserAgent
              curl_setopt($cURL, CURLOPT_RETURNTRANSFER, TRUE); //permitindo que o código fonte retorne
			  curl_setopt($cURL, CURLOPT_FOLLOWLOCATION, TRUE);
 $sour["s"] = curl_exec($cURL); // executando a operação
 $sour["i"] = curl_getinfo($cURL, CURLINFO_HTTP_CODE);
              curl_close($cURL); // fechando a conexão


return $sour; // retornando os dados pela function
}

function UserAgent(){ // Gera o UserAgent
// Arrays com as infos para os UserAgent's aleatórios
$UA[1] = array("SeaMonkey", "Mobile", "Opera", "Safari", "GoogleBot", "K-Meleon", 
               "SO"  => array("NetSecL Linux", "Dragora Linux", "ArchBSD", "Ubunto Linux", "Android", "Debian Linux"), 
			   "LNG" => array("en-US", "pt-BR", "cs-CZ", "pt_PT", "ru-RU", "en-IN") 
			  );
$UA[2] = array("Firefox", "Mobile", "Opera", "Safari", "GoogleBot", "Galaxy", 
               "SO"  => array("5.1.2600", "6.0", "6.1.7601", "6.2", "6.3", "6.4"), 
			   "LNG" => array("en-US", "pt-BR", "cs-CZ", "pt_PT", "ru-RU", "en-IN") 
			  );

// Monstando o UserAgent
if(rand(1,2)==1){	
 $USA = $UA[1][rand(0,5)]."./".rand(0,5).".".rand(0,5)." (".$UA[1]["SO"][rand(0,5)]."; ".$UA[1]["LNG"][rand(0,5)].";)";	
}else{
 $USA = "Mozilla/5.0 (Windows NT ".$UA[2]["SO"][rand(0,5)]."; ".$UA[2]["LNG"][rand(0,5)].") (KHTML, like Gecko) ".$UA[2][rand(0,5)]."/".rand(5,15).".".rand(10,25);
}

return $USA;

}

####################################################################
## DATABASE UPDATE
function siph0n(){
 echo "\n\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\033[0;37m\n\n  \033[0;31mSIPH0N\n \033[0;30m--------------\033[0;37m\n";
 $dados = array('webapps');
 
 
 if(!file_exists("update".dirsep."siph0n.txt")){
  echo "\n\033[0;37m  Raw file not found, downloading from repository.. ";
  $x = getsource("https://raw.githubusercontent.com/r00tmars/ExploitOnCLI/master/update/siph0n.txt");
  file_put_contents("update/siph0n.txt", $x['s']);
  echo "DONE!\n";
 }
 
 
 foreach($dados as $id => $name){ // array of types
  echo "\n  \033[0;31m$name\033[0;37m - PAGE : ";
  
  $np=1;
  while($np<=1000){
   echo "\033[0;30m".$np."\033[0;37m";
 
   $x = getsource("http://siph0n.in/{$name}.php?page=$np"); 

   http_error:
   if($x["i"] != 200 or $x["i"] == 0){ 
    echo "\033[0;31mRetrying...\033[0;30m[".$x["i"]."]\033[0;37m "; 
	$x = getsource("http://siph0n.in/{$name}.php?page=$np"); 
	goto http_error; 
   }

   preg_match_all('/<table width="597" align="center" border="0">(.*?)<\/table>/s', $x["s"], $source);
   if(!isset($source[0][0])){ 
    echo "\n [ERROR]:: An unexpected error happened\n";   
    break;
   }
   $sourc = explode("</tr>", $source[0][0]);
   unset($sourc[0]);
   unset($sourc[count($sourc)]);

   if(empty($sourc)){ break; }   

   foreach($sourc as $code){
    preg_match_all('#<td class="style1" nowrap="nowrap" width="62">(.*?)</td>#', $code, $date);
    preg_match_all('#<a href="(.*?)" target="_blank" class="style2">(.*?)</a>#i', $code, $urlEname);
    if(empty($urlEname[0])){
     preg_match_all('#<a href="(.*?)" target="_blank" class="style1">(.*?)</a>#i', $code, $urlEname);
    }
	$x = explode('=', $urlEname[1][0]);
    $save[]  = '"siph0n","'.$name.'","'.$date[1][0].'","'.$x[1].'","'.html_entity_decode(trim($urlEname[2][0])).'","http://siph0n.in/'.$urlEname[1][0].'"';
   }

   foreach($save as $bla => $info){    
    $file = "update".dirsep."siph0n.txt";	
	$inf = explode("?", $info);		
	
	if(!preg_match("#".$inf[0]."#si", @file_get_contents($file))){
     file_put_contents($file, $info.PHP_EOL, FILE_APPEND);
    }else{
	 echo PHP_EOL;
	 break(2);
    }
    
   }
   $save = null;
   echo ", ";
   $np++;
  }
 }	
}

function iedb(){
 echo "\n\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\033[0;37m\n\n  \033[0;31mIEDB\n \033[0;30m--------------\033[0;37m\n";
 $dados = array(0 => 'remotes', 
                1 => 'locals', 
				2 => 'webapps', 
				3 => 'dos', 
				4 => 'shellcodes');
 
  if(!file_exists("update".dirsep."iedb.txt")){
   echo "\n\033[0;37m  Raw file not found, downloading from repository.. ";
   $x = getsource("https://raw.githubusercontent.com/r00tmars/ExploitOnCLI/master/update/iedb.txt");
   file_put_contents("update/iedb.txt", $x['s']);
   echo "DONE!\n";
  }

 foreach($dados as $id => $name){
  echo "\n  \033[0;31m$name\033[0;37m - PAGE : ";

  $np=1;
  while($np<=500){
   echo "\033[0;30m".$np."\033[0;37m";
 
   $x = getsource("http://iedb.ir/{$name}.html?page=$np"); 

   http_error:
   if($x["i"] != 200 or $x["i"] == 0){ 
    echo "\033[0;31mRetrying...\033[0;30m[".$x["i"]."]\033[0;37m ";  
	$x = getsource("http://iedb.ir/{$name}.html?page=$np"); 
	goto http_error; 
   }
 
   preg_match_all('/<tr class="submit">(.*?)<\/tr>/s', $x["s"], $a);
 
   if(empty($a[0])){ break; }
 
   foreach($a[0] as $code){
    preg_match_all('#<td class="style1" nowrap="nowrap" width="62">(.*?)</td>#', $code, $date);
    preg_match_all('#<a href="(.*?)" target="_blank" class="style2">(.*?)</a>#i', $code, $urlEname);
    if(empty($urlEname[0])){ 
     preg_match_all('#<a href="(.*?)" target="_blank" class="style1">(.*?)</a>#i', $code, $urlEname); 
    }
	$id = explode("exploits-", $urlEname[1][0]);
	$id = explode('.html', $id[1]);
    $save[]  = '"iedb","'.$name.'","'.$date[1][0].'","'.$id[0].'","'.html_entity_decode(trim($urlEname[2][0])).'","http://iedb.ir/'.$urlEname[1][0].'"';
   }

   foreach($save as $bla => $info){
	$file = "update".dirsep."iedb.txt";
	
	if(!preg_match("#".$info."#si", @file_get_contents($file))){	
     file_put_contents($file, $info.PHP_EOL, FILE_APPEND);
    }else{
	 echo PHP_EOL;
	 break(2);
    }
    
    
   }
   $save = null;
   echo ", ";
   $np++;
  }
 }
}

function exploitdb(){
echo "\n\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\033[0;37m\n\n  \033[0;31mEXPLOIT-DB\n \033[0;30m--------------\033[0;37m\n";
 $types = array('/remote/'    => 'remotes', 
               '/webapps/'    => 'webapps', 
			   '/local/'      => 'locals', 
			   '/dos/'        => 'dos', 
			   '/shellcode/'  => 'shellcodes');

 echo "\n  \033[0;31mALL TYPES\033[0;37m - PAGE : \033[0;30mALL\033[0;37m\n \033[0;31m*\033[0;37m This operation may take a little longer than normal \033[0;31m*\033[0;37m\n";
 
 
 $x = getsource("https://raw.githubusercontent.com/offensive-security/exploit-database/master/files.csv");
 
 http_error:
 if($x["i"] != 200 or $x["i"] == 0){ 
  echo "\033[0;31mRetrying...\033[0;30m[".$x["i"]."]\033[0;37m "; 
  $x = getsource("https://raw.githubusercontent.com/offensive-security/exploit-database/master/files.csv"); 
  goto http_error; 
 } 
 
 if(count(explode(PHP_EOL, $x['s'])) >= count(explode(PHP_EOL, @file_get_contents("update".dirsep."exploit-db.txt"))) or 
    !file_exists("update".dirsep."exploit-db.txt")){ // iniciando as operações caso o arquivo não existe ou o atual no repo. no github seja "maior"
  
  @unlink("update".dirsep."exploitdb.txt"); // Apagando o arquivo velho
 
  $file = explode(PHP_EOL, $x['s']);
  $x = null;
  foreach($file as $f){
   preg_match_all('#(.*?),(.*?),"(.*?)",(.*?),.*,.*,.*,.*#', $f, $data); // retirando as infos de cada linha

   foreach($types as $who => $why){ // procurando pelo "tipo", seja WebApps, Local, DoS/PoC, Remote, etc..
    if(@preg_match("#$who#i", $data[2][0])){
     $type = $why; 
    }
   }
   if(empty($type)){ $type = ""; }
   
   if(empty($data[4][0])){ $data[4][0] = "UNAVAILABLE";  }
   
   $line = @'"exploit-db","'.$type.'","'.$data[4][0].'","'.$data[1][0].'","'.html_entity_decode(trim($data[3][0])).'","https://www.exploit-db.com/exploits/'.$data[1][0].'/"';
   
   if(!empty($data[3][0])){
    file_put_contents("update".dirsep."exploitdb.txt", $line.PHP_EOL, FILE_APPEND);
   }
  } 
  
  
 }
 
 $x = ""; 
}

function cxsecurity(){
 echo "\n\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\033[0;37m\n\n  \033[0;31mCXSECURITY\n \033[0;30m--------------\033[0;37m\n";
 $np=1;
 $date_break = "2500-05-16"; //gambiarra
 $sheit = true;
 
 if(!file_exists("update".dirsep."cxsecurity.txt")){
  echo "\n\033[0;37m  Raw file not found, downloading from repository.. ";
  $x = getsource("https://raw.githubusercontent.com/r00tmars/ExploitOnCLI/master/update/cxsecurity.txt");
  file_put_contents("update/cxsecurity.txt", $x['s']);
  echo "DONE!\n";
 }
 
 echo "\n  \033[0;31mALL\033[0;37m - PAGE : ";
 while($np<=10000){
  if($sheit==false){ break; }
  echo $np;
 
  $x = getsource("https://cxsecurity.com/wlb/$np"); 

  http_error:
  if($x["i"] != 200 or $x["i"] == 0){ 
   echo "\033[0;31mRetrying...\033[0;30m[".$x["i"]."]\033[0;37m "; 
   $x = getsource("https://cxsecurity.com/wlb/$np"); 
   goto http_error; 
  }
 
  preg_match_all("/<TABLE .*>(.+)<\/TABLE>/s", $x["s"], $source); // A   
  $xpl = explode("Topic & Details", $source[0][0]);               //  MAIS
  $xpl = explode('<div ng-controller="PagIt">', $xpl[1]);         //      PURA
  $xpl = explode('<thead>', $xpl[0]);                             //          GAMBIARRA
  unset($xpl[0]);                                                 //                   BRASILEIRA
 
  foreach($xpl as $id => $code){
   preg_match_all("/<font color='#e1d1e1'>(.*?)<\/font>/i", $code, $date);
   preg_match_all('#<h6><A href="(.*?)" title=".*">(.*?)</A></h6>#', $code, $urlEname);
   preg_match_all('#<span class="label label-primary">(.*?)</span>#', $code, $type);   
       
   $dados[$date[1][0]] = array('url'  => $urlEname[1],
                               'name' => $urlEname[2],
                               'type' => $type[1]);
  }
 
  foreach($dados as $date => $linkEname){
   $a = count($linkEname["url"])-1;
   $nps = 0;
   while($nps<= $a){
    if($date <= $date_break){
     $sheit = true;
	
	 if(!isset($linkEname["type"][$nps])){
      $linkEname["type"][$nps] = "Unknown";
	 }
     $x = explode('WLB-', $linkEname["url"][$nps]);     
     
     $file = "update".dirsep."cxsecurity.txt";
     $info = '"cxsecurity","'.$linkEname["type"][$nps].'","'.$date.'","'.$x[1].'","'.html_entity_decode(trim($linkEname["name"][$nps])).'","'.$linkEname["url"][$nps].'"';
	
	 if(!preg_match("#".$info."#si", @file_get_contents($file))){
      file_put_contents($file, $info.PHP_EOL, FILE_APPEND);
     }else{
	  echo PHP_EOL;
	  break(3);
     }


    }else{
	 $sheit = false;
     break;
    }
    $nps++;
    if($sheit==false){ break; }
   }
   $date_break = $date; 
   if($sheit==false){ break; }
  }
  
  $x         = array(); // MAIS
  $dados     = array(); //     UMA
  $xpl       = array(); //        GAMBIARRA
  $linkEname = array(); //                 TIPICAMENTE
  $date      = array(); //                            BRASILEIRA
  echo ", ";
  $np++;  
 }
}
 
function packetstorm(){
 echo "\n\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\033[0;37m\n\n  \033[0;31mPACKETSTORM\n \033[0;30m--------------\033[0;37m\n";

  if(!file_exists("update".dirsep."packetstorm.txt")){
   echo "\n\033[0;37m  Raw file not found, downloading from repository.. ";
   $x = getsource("https://raw.githubusercontent.com/r00tmars/ExploitOnCLI/master/update/packetstorm.txt");
   file_put_contents("update/packetstorm.txt", $x['s']);
   echo "DONE!\n";
  }
 
 echo "\n  \033[0;31mALL TYPES\033[0;37m - PAGE : ";
 $np=1;
 
 $types = array('local'             => 'local',
                'remote'            => 'remote',
				'denial of service' => 'dos',
				'web'               => 'webapps',
				'shellcode'         => 'shellcodes');
 
 while($np<=10000){
  echo "\033[0;30m".$np."\033[0;37m";
 
  $x = getsource("https://packetstormsecurity.com/files/tags/exploit/page$np/"); 

  http_error:
  if($x["i"] != 200 or $x["i"] == 0){ 
   echo "\033[0;31mRetrying...\033[0;30m[".$x["i"]."]\033[0;37m "; 
   $x = getsource("https://packetstormsecurity.com/files/tags/exploit/page$np/"); 
   goto http_error; 
  }
  
  if(preg_match("/<h1>No Results Found<\/h1>/si", $x['s'])){ break; }
  if(preg_match("/<h2>You Have Reached Nothingness<\/h2>/si", $x['s'])){ break; }
 
  preg_match_all("/<dl id=\".*\" class=\".*\">(.*?)<\/dl>/si", $x['s'], $code);
  $code = explode("<dl", $code[0][0]);

  unset($code[0]);
  unset($code[26]);
  unset($code[27]);
  unset($code[28]); 
 
  foreach($code as $c){
   if(preg_match("/<dd class=\"md5\">/si", $c)){  // Se encontrar é porque é um exploit
    preg_match_all("#<dd class=\"act-links\"><a href=\"(.*?)\" title=#si", $c, $link); // [1][0]
    preg_match_all("#B\">(.*?)</a></dt>#si", $c, $title); // [1][0]
    preg_match_all("#/download/(.*?)/#si", $link[1][0], $id); // [1][0]
    preg_match_all("#Posted <a href=\"/files/date/(.*?)/\"#si", $c, $date); // [1][0]
    preg_match_all("#<a href=\"/files/tags/(.*?)\">#si", $c, $t1pe); // [1][0]
    
	if(preg_match("#Security Advisory#si", html_entity_decode($title[1][0]))){
	 break;
	}
	
    $type="";
    foreach($t1pe[1] as $sheit => $find){
     foreach($types as $tF => $tP){
      if(preg_match("/{$tF}/si", $find)){
	   $type = $tP;
	   break;
      }
     }
    }
    if(empty($type)){
     $type = "Unknown";
    }
    
    
     $file = "update".dirsep."packetstorm.txt";
     $info = '"packetstorm","'.$type.'","'.$date[1][0].'","'.$id[1][0].'","'.html_entity_decode($title[1][0]).'","https://packetstormsecurity.com'.$link[1][0].'"';
	
	 if(!preg_match("#".$info."#si", @file_get_contents($file))){
      file_put_contents($file, $info.PHP_EOL, FILE_APPEND);
     }else{
	  echo PHP_EOL;
	  break(2);
     }
    
    

   }
  } 
  echo ", ";
  $np++;
 }
}

function exploit4arab(){
 $types = array('webapps',
               'rl_exploits');

 echo "\n\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\033[0;37m\n\n  \033[0;31mEXPLOIT4ARAB\n \033[0;30m--------------\033[0;37m\n";
  
 if(!file_exists("update".dirsep."exploit4arab.txt")){
  echo "\n\033[0;37m  Raw file not found, downloading from repository.. ";
  $x = getsource("https://raw.githubusercontent.com/r00tmars/ExploitOnCLI/master/update/exploit4arab.txt");
  file_put_contents("update/exploit4arab.txt", $x['s']);
  echo "DONE!\n";
 }
  
 foreach($types as $typ){
  $np=1; 
  echo "\n  \033[0;31m{$typ}\033[0;37m - PAGE : ";
  $type = $typ;
   
  $x = getsource("http://www.exploit4arab.org/$typ/$np"); 
  preg_match_all("#<a href='.*' >(.*?)</a> </p><table border='1' align='center' width='98%'>#si", $x["s"], $nm);
  if(empty($nm[1][0])){ $nm[1][0] = 10000; }
 
  while($np<=$nm[1][0]){
  echo "\033[0;30m".$np."\033[0;37m";
 
  $x = getsource("http://www.exploit4arab.org/$typ/$np");
  
  preg_match_all("#<tr>(.*?)</tr>#si", $x["s"], $code);
  
  http_error:
  if($x["i"] != 200 or $x["i"] == 0){ 
   echo "\033[0;31mRetrying...\033[0;30m[".$x["i"]."]\033[0;37m "; 
   $x = getsource("http://www.exploit4arab.org/$typ/$np"); 
   goto http_error; 
  }
 
  foreach($code[1] as $c){
   $d = explode("</td>", $c);
   $date = trim(str_replace("<td>", "", $d[0]));	
   preg_match_all("#<td><a href='http://www.exploit4arab.org/exploits/(.*?)' title='(.*?)'>.*</a></td>#si", $c, $d);	
	
	
   $file = "update".dirsep."exploit4arab.txt";	
   $info = '"exploit4arab","'.$type.'","'.$date.'","'.$d[1][0].'","'.html_entity_decode($d[2][0]).'","http://www.exploit4arab.org/exploits/'.$d[1][0].'"';
	
   if(!preg_match("#".$info."#si", @file_get_contents($file))){
    file_put_contents($file, $info.PHP_EOL, FILE_APPEND);
   }else{
	echo PHP_EOL;
	break(3);
   }
	
  }
  echo ", ";
  $np++;  
  }
 }
}

####################################################################
## OUTRAS FUNÇÕES
function downcode($dados){ // para download do código XPL
$path = "files".dirsep.$dados[1][0].dirsep.strtolower($dados[2][0]).dirsep.$dados[4][0].".txt";

if(file_exists($path)){ // Caso o arquivo já exista
 goto break_is_shit;
}

$xpl = getsource($dados[6][0]);

if($dados[1][0] == "iedb"){         // OK
 preg_match_all('/pre>(.+)<\/pre/s', $xpl["s"], $code);
 $code = html_entity_decode($code[1][0]);
}

if($dados[1][0] == "exploit-db"){   // OK
 $code = getsource("https://www.exploit-db.com/download/".$dados[4][0]); 
}

if($dados[1][0] == "siph0n"){       // OK
 preg_match_all('/pre>(.+)<\/pre/s', $xpl["s"], $code);
 $code = html_entity_decode($code[1][0]);
 if(preg_match("#<a class=\"__cf_email__\"#si", $code)){
  preg_match_all('#<a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="(.*?)"#si', $code, $cfemail);
  $code = str_replace('<a class="__cf_email__" href="/cdn-cgi/l/email-protection" data-cfemail="'.$cfemail[1][0].'">[email protected]</a><script data-cfhash=\'f9e31\' type="text/javascript">/* <![CDATA[ */!function(t,e,r,n,c,a,p){try{t=document.currentScript||function(){for(t=document.getElementsByTagName(\'script\'),e=t.length;e--;)if(t[e].getAttribute(\'data-cfhash\'))return t[e]}();if(t&&(c=t.previousSibling)){p=t.parentNode;if(a=c.getAttribute(\'data-cfemail\')){for(e=\'\',r=\'0x\'+a.substr(0,2)|0,n=2;a.length-n;n+=2)e+=\'%\'+(\'0\'+(\'0x\'+a.substr(n,2)^r).toString(16)).slice(-2);p.replaceChild(document.createTextNode(decodeURIComponent(e)),c)}p.removeChild(t)}}catch(u){}}()/* ]]> */</script>', "[email protected]", $code);
 }
}

if($dados[1][0] == "cxsecurity"){   // OK
 preg_match_all("/<samp>(.*?)<\/samp>/si", $xpl["s"], $code);
 $code = htmlspecialchars_decode($code[1][0]);
 $code = str_replace("&#039;", "'", $code);
 $code = str_replace("<br />", "", $code);
}

if($dados[1][0] == "exploit4arab"){ // OK
 preg_match_all("#</table><pre class='code'>(.*?)</pre><body>#si", $xpl['s'], $f);
 $code = str_replace("<br />", "",$f[1][0]);
 $code = html_entity_decode($code);
}

if($dados[1][0] == "packetstorm"){  // OK
 $code = html_entity_decode($xpl['s']);
}

if(!file_exists("files".dirsep.$dados[1][0])){ // DATABASE
 mkdir("files".dirsep.$dados[1][0]);
}
if(!file_exists("files".dirsep.$dados[1][0].dirsep.strtolower($dados[2][0]))){ // TYPE
 mkdir("files".dirsep.$dados[1][0].dirsep.strtolower($dados[2][0]));
}

file_put_contents($path, $code);
break_is_shit:
}

function update($opt){ // atualizando BETA
 echo " \033[0;31mSTARTING UPDATE\033[0;37m\n";
 
 if(preg_match("/,/si", trim($opt['update']))){ $sDB = explode(",", $opt["update"]); }else{ $sDB[]= $opt["update"]; } 

 foreach($sDB as $id => $whatDB){
  if(preg_match("/iedb/si", $whatDB) or empty($whatDB))        { echo iedb();         }
  if(preg_match("/siph0n/si", $whatDB) or empty($whatDB))      { echo siph0n();       }
  if(preg_match("/exploit-db/si", $whatDB) or empty($whatDB))  { echo exploitdb();    }else
  if(preg_match("/exploitdb/si", $whatDB) or empty($whatDB))   { echo exploitdb();    }
  if(preg_match("/packetstorm/si", $whatDB) or empty($whatDB)) { echo packetstorm();  } 
  if(preg_match("/exploit4arab/si", $whatDB) or empty($whatDB)){ echo exploit4arab(); }  
  if(preg_match("/cxsecurity/si", $whatDB) or empty($whatDB))  { echo cxsecurity();   }
 }

echo "\n\n\033[0;31m  DONE\n\n";
}

function dados(){ // BETA
 $file = array();
 $iterator = new DirectoryIterator("update");

 foreach($iterator as $entry){
  $var = $entry->getFilename();

  $file[] = @file_get_contents("update".dirsep.$var);
 }


 foreach($file as $id => $dados_brutos){
 $shit = @explode(PHP_EOL, $dados_brutos);
  if(count($shit)>5){
   foreach($shit as $s){
    preg_match_all('/"(.*?)","(.*?)","(.*?)","(.*?)","(.*?)","(.*?)"/i', $s, $d);
    if($s!=null){
     $file[$d[5][0]] = $s;
    }
   }
  }	
 }
 $files = null;
 $shit = null;

 $file = array_unique($file); 
 
 return $file;
}

####################################################################
## VALHALLA
echo banner();
$down = FALSE;
if(isset($opt["help"]) or isset($opt["h"])){ echo help();   }  // HELP
if(isset($opt["about"]) or isset($opt["a"])){ echo about(); }  // ABOUT
if(isset($opt["update"])){ echo update($opt);               }  // UPDATE
if(isset($opt["s"])){ $opt["search"] = $opt["s"];           }  // FIND
if(isset($opt["down"]) or isset($opt["d"])){ $down = TRUE;  }  // ABOUT



if(empty($opt["search"])){ // Se não tiver nada para pesquisar, DIE MOTHERFUCKER
 die();
}


// INFOS
echo "     SEARCH TERM: \033[00;31m{$opt["search"]}\n\033[0;37m            DB's: ALL\n    DOWN SOURCES: ";
if($down == TRUE){ echo "\033[0;31mYES\033[0;37m\n"; }else{ echo "NOT\n"; }

// PEGANDO OS DADOS DOS ARQUIVOS
$file = dados();

// MAIS UMA PARTE DAS INFOS
echo " EXPLOITS LOADED: \033[0;31m".number_format(count($file),0,",",".")."\033[0;37m\n\n";


// GAMBIARRA PARA CABER NA TELA
$pnt = "";
$nm = 31;
if(strlen(getcwd())>=30){ $pnt = ".."; $nm = 29; }


echo "\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\033[0;37m
 TITLE                                                                                           \033[0;30m|\033[0;37m PATH ( ".@substr(getcwd(), 0, $nm).$pnt." )".@str_repeat(" ", $nm-strlen(getcwd()))."\033[0;30m|\033[0;37m ID         \033[0;30m|\033[0;37m DATABASE
\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\033[0;37m";


$id=0;
foreach($file as $trash => $f){ // FOREACH COM CADA LINHA DOS DBS
 preg_match_all('/"(.*?)","(.*?)","(.*?)","(.*?)","(.*?)","(.*?)"/i', $f, $dados);
 
 
 if(@preg_match("/".strtolower($opt["search"])."/si", strtolower($dados[5][0]))){ // Caso encontre..
  $pnt = "";
  $nm = 95;
  
  if(strlen($dados[5][0])>=92){ // Caso o titulo tenha mais que 92 caracteres..
   $pnt = ".."; 
   $nm = 93; 
  }
  
  
// Arrumando o TITULO
$title = preg_replace("/{$opt["search"]}/si", "\033[0;31m".strtoupper($opt["search"])."\033[0;37m", 
         @substr($dados[5][0], 0, $nm).$pnt.@str_repeat(" ", $nm-strlen($dados[5][0])));

echo " ".$title." \033[0;30m|\033[0;37m ";

if($down == TRUE){ // caso a opção de download for selecionado
 downcode($dados);
}


$path = "files".dirsep.$dados[1][0].dirsep.strtolower($dados[2][0]).dirsep.$dados[4][0].".txt";
if(!file_exists($path)){ // Se o arquivo não existe, exibe o link
 if(preg_match("/exploit4arab/si", $dados[1][0])){ $path = "exploit4arab.org/".strtolower($dados[2][0])."/".$dados[4][0]; }
 if(preg_match("/packetstorm/si", $dados[1][0])){  $path = "packetstormsecurity.com/files/".$dados[4][0]."/";             }
 if(preg_match("/cxsecurity/si", $dados[1][0])){   $path = "cxsecurity.com/issue/WLB-".$dados[4][0];                      }
 if(preg_match("/exploit-db/si", $dados[1][0])){   $path = "exploit-db.com/exploits/".$dados[4][0]."/";                   }
 if(preg_match("/iedb/si", $dados[1][0])){         $path = "iedb.ir/exploits-".$dados[4][0].".html";                      }
 if(preg_match("/siph0n/si", $dados[1][0])){       $path = "siph0n.in/exploits.php?id=".$dados[4][0];                     }
}

echo $path.@str_repeat(" ", 39-strlen($path))." \033[0;30m|\033[0;37m "; // PATH
echo $dados[4][0].@str_repeat(" ", 10-strlen($dados[4][0]))." \033[0;30m|\033[0;37m " ; // ID
echo strtoupper($dados[1][0]).PHP_EOL; // DATABASE

  $id++;
 }
}


echo "\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\033[0;37m
 \033[0;31m{$id}\033[0;37m EXPLOITS FOUND
\033[0;30m------------------------------------------------------------------------------------------------------------------------------------------------------------------------\033[0;37m\n\n";
 





# END OF THE WORLD