
Incorrect processing of -t option after searchsploit update

Open ar-mi opened this issue 5 years ago • 3 comments

Hi! I encountered some unexpected searchsploit behavior in the virtual machine image for a PWK course, I think. Initially, it correctly displays the filtered results when searching in the exploit title (searchsploit -t , example searchsploit -t Apache 2.4.7). However, after updating with searchsploit -u, the filters seem to break and, with similar queries, display lines that do not contain anything from the filter in the title. And I'm not just talking about versions that can be in range as described at https://www.offensive-security.com/offsec/edb-searchsploit-update-2020/, even the words don't match the filters. But after doing that, I found a similar incorrect handling of the -t option in searchsploit out of the box in the current Kali Linux image. Presumably the problem is with the searchsploit utility itself.


ar-mi avatar Nov 29 '20 15:11 ar-mi

@ar-mi did you manage to find a solution to this issue? I am experiencing the exact same issue.

Ralphhorn avatar Feb 23 '21 17:02 Ralphhorn

Also ran into this issue. searchsploit -t php 5 returns results which contain neither of the terms.

The problem seems to be introduced in commit a2a942ae0aeeecab44806097c2a1019a1844df9e as this is the first commit which has the issue and touched searchsploit:

stefan@kali $ git checkout 23e40674cb5bcf143a8e88e407f454c9c3149eb0 
Previous HEAD position was a2a942ae0 Improved bash, more help, less bugs, and cleaner output
HEAD is now at 23e40674c Merge branch 'upstream-master' into misc

stefan@kali $ ./searchsploit -t php 5 | tail                        
YaPiG 0.95b - 'view.php?img_size' Cross-Site Scripting                | exploits/php/webapps/26345.txt
ZonPHP 2.25 - Remote Code Execution                                   | exploits/php/webapps/29091.txt
Zorum 3.5 - 'DBProperty.php' Remote File Inclusion                    | exploits/php/webapps/28828.txt
---------------------------------------------------------------------- ----------------------------------------
---------------------------------------------------------------------- ----------------------------------------
 Shellcode Title                                                      |  Path
                                                                      | (/usr/share/exploitdb/)
---------------------------------------------------------------------- ----------------------------------------
Linux/x86 - Reverse PHP (Writes To /var/www/cb.php On The Filesystem) | shellcodes/linux_x86/13340.c
---------------------------------------------------------------------- ----------------------------------------

stefan@kali $ git checkout a2a942ae0aeeecab44806097c2a1019a1844df9e 
Previous HEAD position was 23e40674c Merge branch 'upstream-master' into misc
HEAD is now at a2a942ae0 Improved bash, more help, less bugs, and cleaner output

stefan@kali $ ./searchsploit -t php 5 | tail                       
Zorum 3.5 - 'DBProperty.php' Remote File Inclusion                           | php/webapps/28828.txt
----------------------------------------------------------------------------- ---------------------------------
----------------------------------------------------------------------------- ---------------------------------
 Shellcode Title                                                             |  Path
----------------------------------------------------------------------------- ---------------------------------
Linux/x86 - Reverse PHP (Writes To /var/www/cb.php On The Filesystem) Shell  | linux_x86/13340.c
Safari 4.0.5 < 5.0.0 (Windows XP/7) - JavaScript JITed exec calc (ASLR/DEP B | windows/14221.html
Windows (XP < 10) - Command Generator WinExec() + Null-Free Shellcode (Gener | generator/38959.py
Windows (XP < 10) - Download File + Execute Shellcode                        | windows/39979.c
----------------------------------------------------------------------------- ---------------------------------

saladpanda avatar Jul 09 '21 10:07 saladpanda
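A way to check a given searchsploit build for the symptom described in the comment above, as an added example that is not part of the original post or of the exploitdb project. The helper name `title_misses` is hypothetical, it assumes `-t` is meant to match each term literally and case-insensitively in the title column, and the sample rows are copied from the a2a942ae0 output quoted above.

```shell
#!/usr/bin/env bash
# Added example, not part of searchsploit: audit `searchsploit -t` output.
# Usage: searchsploit -t php 5 | title_misses none php 5

# title_misses MODE TERM...   (reads "Title | Path" rows on stdin)
#   MODE=none: print rows whose title contains none of the TERMs
#   MODE=any : print rows whose title is missing at least one TERM
# Matching is literal and case-insensitive. Titles that searchsploit cut
# short to fit the terminal width can produce false positives.
title_misses() {
  local mode="$1" line title lower term hits
  shift
  while IFS= read -r line; do
    case "$line" in *"|"*) ;; *) continue ;; esac    # separator rows
    title=${line%|*}                                  # left of the last '|'
    case "$title" in
      *"Exploit Title"*|*"Shellcode Title"*) continue ;;   # header row
    esac
    # header continuation row such as "   | (/usr/share/exploitdb/)"
    [ -n "$(printf '%s' "$title" | tr -d ' ')" ] || continue
    lower=$(printf '%s' "$title" | tr '[:upper:]' '[:lower:]')
    hits=0
    for term in "$@"; do
      term=$(printf '%s' "$term" | tr '[:upper:]' '[:lower:]')
      case "$lower" in *"$term"*) hits=$((hits + 1)) ;; esac
    done
    if [ "$mode" = none ] && [ "$hits" -eq 0 ]; then
      printf '%s\n' "$line"
    elif [ "$mode" = any ] && [ "$hits" -lt "$#" ]; then
      printf '%s\n' "$line"
    fi
  done
}

# Rows copied from the a2a942ae0 output quoted in the thread.
sample_rows() {
  cat <<'EOF'
Zorum 3.5 - 'DBProperty.php' Remote File Inclusion                           | php/webapps/28828.txt
----------------------------------------------------------------------------- ---------------------------------
 Shellcode Title                                                             |  Path
Linux/x86 - Reverse PHP (Writes To /var/www/cb.php On The Filesystem) Shell  | linux_x86/13340.c
Safari 4.0.5 < 5.0.0 (Windows XP/7) - JavaScript JITed exec calc (ASLR/DEP B | windows/14221.html
Windows (XP < 10) - Command Generator WinExec() + Null-Free Shellcode (Gener | generator/38959.py
Windows (XP < 10) - Download File + Execute Shellcode                        | windows/39979.c
EOF
}

sample_rows | title_misses none php 5
```

On the sample rows, `none` mode reports the two Windows shellcode rows and `any` mode additionally reports the Linux/x86 and Safari rows, each of which contains only one of the two terms.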

The problem seems to be the usage of --perl-regex which was introduced in said commit.

A quick-fix is to overwrite the regex-mode detection and set it to -E like it was before:

diff --git a/searchsploit b/searchsploit
index e6823b471..363e8428f 100755
--- a/searchsploit
+++ b/searchsploit
@@ -55,14 +55,15 @@ fi
 
 ## Check if our grep supports ---perl-regexp
 if grep --help 2>&1 | grep "[-]-perl-regexp" >/dev/null 2>&1 ; then
   REGEX_GREP="-P"
 else
   REGEX_GREP="-E"
 fi
+REGEX_GREP="-E"
 
 
 ## Set LANG variable to avoid illegal byte sequence errors
 LANG=C
 
 
 ## Usage info ~ https://www.tldp.org/LDP/abs/html/standard-options.html
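Review bot: the added `REGEX_GREP="-E"` after the `fi` unconditionally overwrites the value chosen by the `if grep --help ... "[-]-perl-regexp"` test just above it, so that detection becomes dead code that still spawns two grep processes on every start. If `-E` is the intended mode, delete the whole if/else block and keep the single assignment with a comment naming this issue as the reason; if `-P` is meant to return later, mark the override as temporary. The patch also leaves the cause untouched: it does not explain why matching under `-P` returns rows without the search terms, so the patterns built further down in the script should be checked for syntax that behaves differently under the two modes. The context comment `---perl-regexp` has one dash too many.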

saladpanda avatar Jul 09 '21 10:07 saladpanda

Sorry for the delay. Thank you for the bug report.

Hope this fixes it: https://gitlab.com/exploit-database/exploitdb/-/commit/142f38c2791d3716f9b45b3ac2121fb3243e2734

You should be able to get updates now from: https://gitlab.com/exploit-database/exploitdb. If you are still having issues, open up a ticket here: https://gitlab.com/exploit-database/exploitdb/-/issues.

offensive-security avatar Nov 11 '22 00:11 offensive-security