
@limhoff-r7
Last active December 21, 2015 13:29
New msfconsole search syntax. Comparison of a search that uses all operators (for an auxiliary module) vs. the equivalent raw SQL query.
# Each operator is shown on its own line only to make the example easier to read.
# Every entry has the form operator:"value". A dotted operator (for example
# architectures.bits) names a column on an associated table, as the table-qualified
# predicates in the SQL WHERE clause below show.
# All operators are combined with AND in that WHERE clause.
search
description:"Module Description 1"
disclosed_on:"2013-08-21"
license:"Module License 1"
name:"Module Name 1"
privileged:"false"
stance:"aggressive"
actions.name:"Metasploit::Model::Module::Action#name 1"
architectures.abbreviation:"armle"
architectures.bits:"32"
architectures.endianness:"little"
architectures.family:"arm"
authors.name:"Metasploit::Model::Author 1"
email_addresses.domain:"metasploit-model-email-address-domain1.com"
email_addresses.local:"metasploit.model.email.address.local+1"
module_class.full_name:"auxiliary/mdm/module/ancestor/non/payload/reference/name1"
module_class.module_type:"auxiliary"
module_class.reference_name:"mdm/module/ancestor/non/payload/reference/name1"
rank.name:"Low"
rank.number:"100"
references.designation:"1"
references.url:"http://example.com/metasploit/model/reference/1"
-- Raw SQL counterpart of the search above. ILIKE and the 'f' boolean literal
-- suggest PostgreSQL. Column aliases follow the pattern tN_rM: N numbers the
-- table (t0 = module_instances ... t7 = references), M the column within it.
--
-- Operator-to-predicate mapping visible in the WHERE clause:
--   * text operators        -> ILIKE '%value%' (case-insensitive substring)
--   * date / boolean / int  -> exact "=" comparison
--
-- NOTE(review): the search values appear here as inlined literals; whether the
--   query builder binds or quotes them is not visible on this page -- confirm
--   that raw user input is never concatenated into the statement.
-- NOTE(review): a "%" or "_" inside a search value would itself act as an
--   ILIKE wildcard unless the builder escapes it; no escaping is visible here.
-- NOTE(review): leading-wildcard patterns cannot use a plain b-tree index, so
--   every text operator may force a scan of its table.
SELECT
    -- t0: module_instances
    "module_instances"."id"                 AS t0_r0,
    "module_instances"."description"        AS t0_r1,
    "module_instances"."disclosed_on"       AS t0_r2,
    "module_instances"."license"            AS t0_r3,
    "module_instances"."name"               AS t0_r4,
    "module_instances"."privileged"         AS t0_r5,
    "module_instances"."stance"             AS t0_r6,
    "module_instances"."default_action_id"  AS t0_r7,
    "module_instances"."default_target_id"  AS t0_r8,
    "module_instances"."module_class_id"    AS t0_r9,
    -- t1: module_actions
    "module_actions"."id"                   AS t1_r0,
    "module_actions"."name"                 AS t1_r1,
    "module_actions"."module_instance_id"   AS t1_r2,
    -- t2: architectures
    "architectures"."id"                    AS t2_r0,
    "architectures"."bits"                  AS t2_r1,
    "architectures"."abbreviation"          AS t2_r2,
    "architectures"."endianness"            AS t2_r3,
    "architectures"."family"                AS t2_r4,
    "architectures"."summary"               AS t2_r5,
    -- t3: authors
    "authors"."id"                          AS t3_r0,
    "authors"."name"                        AS t3_r1,
    -- t4: email_addresses
    "email_addresses"."id"                  AS t4_r0,
    "email_addresses"."domain"              AS t4_r1,
    "email_addresses"."local"               AS t4_r2,
    -- t5: module_classes
    "module_classes"."id"                   AS t5_r0,
    "module_classes"."full_name"            AS t5_r1,
    "module_classes"."module_type"          AS t5_r2,
    "module_classes"."payload_type"         AS t5_r3,
    "module_classes"."reference_name"       AS t5_r4,
    "module_classes"."rank_id"              AS t5_r5,
    -- t6: module_ranks
    "module_ranks"."id"                     AS t6_r0,
    "module_ranks"."name"                   AS t6_r1,
    "module_ranks"."number"                 AS t6_r2,
    -- t7: references
    "references"."id"                       AS t7_r0,
    "references"."designation"              AS t7_r1,
    "references"."url"                      AS t7_r2,
    "references"."authority_id"             AS t7_r3
FROM "module_instances"
-- Every joined table is also filtered in WHERE, so rows that an outer join
-- would NULL-extend are discarded; the joins act as inner joins for this search.
LEFT JOIN "module_actions"
    ON "module_actions"."module_instance_id" = "module_instances"."id"
LEFT JOIN "module_architectures"
    ON "module_architectures"."module_instance_id" = "module_instances"."id"
LEFT JOIN "architectures"
    ON "architectures"."id" = "module_architectures"."architecture_id"
-- module_authors is joined twice: this instance leads to authors, the aliased
-- one below leads to email_addresses. The authors.name and email_addresses.*
-- predicates are therefore checked against independent module_authors rows.
-- NOTE(review): confirm that matching name and e-mail on different rows is intended.
LEFT JOIN "module_authors"
    ON "module_authors"."module_instance_id" = "module_instances"."id"
LEFT JOIN "authors"
    ON "authors"."id" = "module_authors"."author_id"
LEFT JOIN "module_authors" AS "module_authors_module_instances_join"
    ON "module_authors_module_instances_join"."module_instance_id" = "module_instances"."id"
LEFT JOIN "email_addresses"
    ON "email_addresses"."id" = "module_authors_module_instances_join"."email_address_id"
-- module_classes is likewise joined twice on the same key; the aliased copy
-- exists only to reach module_ranks.
LEFT JOIN "module_classes"
    ON "module_classes"."id" = "module_instances"."module_class_id"
LEFT JOIN "module_classes" AS "module_classes_module_instances_join"
    ON "module_classes_module_instances_join"."id" = "module_instances"."module_class_id"
LEFT JOIN "module_ranks"
    ON "module_ranks"."id" = "module_classes_module_instances_join"."rank_id"
LEFT JOIN "module_references"
    ON "module_references"."module_instance_id" = "module_instances"."id"
LEFT JOIN "references"
    ON "references"."id" = "module_references"."reference_id"
WHERE
    -- module_instances
        "module_instances"."description" ILIKE '%Module Description 1%'
    AND "module_instances"."disclosed_on" = '2013-08-21'
    AND "module_instances"."license" ILIKE '%Module License 1%'
    AND "module_instances"."name" ILIKE '%Module Name 1%'
    AND "module_instances"."privileged" = 'f'
    AND "module_instances"."stance" ILIKE '%aggressive%'
    -- module_actions
    AND "module_actions"."name" ILIKE '%Metasploit::Model::Module::Action#name 1%'
    -- architectures
    AND "architectures"."abbreviation" ILIKE '%armle%'
    AND "architectures"."bits" = 32
    AND "architectures"."endianness" ILIKE '%little%'
    AND "architectures"."family" ILIKE '%arm%'
    -- authors / email_addresses
    AND "authors"."name" ILIKE '%Metasploit::Model::Author 1%'
    AND "email_addresses"."domain" ILIKE '%metasploit-model-email-address-domain1.com%'
    AND "email_addresses"."local" ILIKE '%metasploit.model.email.address.local+1%'
    -- module_classes
    AND "module_classes"."full_name" ILIKE '%auxiliary/mdm/module/ancestor/non/payload/reference/name1%'
    AND "module_classes"."module_type" ILIKE '%auxiliary%'
    AND "module_classes"."reference_name" ILIKE '%mdm/module/ancestor/non/payload/reference/name1%'
    -- module_ranks
    AND "module_ranks"."name" ILIKE '%Low%'
    AND "module_ranks"."number" = 100
    -- references
    AND "references"."designation" ILIKE '%1%'
    AND "references"."url" ILIKE '%http://example.com/metasploit/model/reference/1%'