Walking in Light With Christ - hip0's personal blog on System Administration, Free Software, Computer Security and Religion

Create Routine mirror copy of milw0rm & packetstorm exploits database

Few weeks ago, I've built a small script and put it to
execute in cron in order to have an up2date local copy of
milw0rm. Ofcourse that's pretty handy for several reasons.
For example milw0rm may go down and the exploit database to be lost forever. This once happened with hack.co.za which ceased to exist several years ago, even though it has one of the greatest exploits database for it's time.
Luckily I did a copy of hack.co.za, knowing that it's gone
day might come here is the mirror archive of hack.co.za database
Anyways back to the main topic which was creating routine mirror
copy of milw0rm exploits database.
Here is the small script that needs to be setup on cron in order to have periodic copy of milw0rm exploits database.

#!/usr/local/bin/bash
# Download milw0rm exploits
download_to='/home/hipo/exploits';
milw0rm_archive_url='http://milw0rm.com/sploits/milw0rm.tar.bz2';
milw0rm_archive_name='milw0rm.tar.bz2';
if [ ! -d '/home/hipo/exploits' ]; then
mkdir -p $download_to;
fi
cd $download_to;
wget -q $milw0rm_archive_url;
tar -jxvvf $milw0rm_archive_name;
rm -f $milw0rm_archive_name;
exit 0

The script is available as well for download via milw0rm_exploits_download.sh
To make the script operational I've set it up to execute via cron with
the following cron record:

00 1 * * * /path_to_script/milw0rm_exploits_download.sh >/dev/null 2>&1

Here is another shell code I used to download all packetstormsecurity exploits from packetstormsecurity's website:

#!/usr/local/bin/bash
# Download packetstormsecurity exploits
# uses jot in order to run in freebsd
packetstorm_download_dir='/home/hipo/exploits';
if [ ! -d "$packetstorm_download" ]; then
mkdir -p "$packetstorm_download";
for i in $(jot 12); do 
wget http://www.packetstormsecurity.org/0"$i"11-exploits/0"$i"11-exploits.tgz; 
done

The script can be obtained also via following link (packetstormsecurity_expl_db_download.sh)

Another interesting tutorial that relates to the topic of building local
mirrors (local exploit database) is an article I found on darkc0de.com's
website called How to build a local exploit database
The article explains thoroughly
howto prepare packetstormsecurity exploits database mirrorand
how to mirror milw0rm through python scripts.
Herein I include links to the 2 mirror scripts:
PacketStorm Security Mirror Script
milw0rm archive mirror script
Basicly the milw0rm archive script is identical to the small shellscript
I've written and posted above in the article. However I believe there is
one advantage of the shellscript it doesn't require you
to have python installed :)