howto search exploit information

[hdm at metasploit.com (H D Moore)]

On Tuesday 04 March 2008, Akos Toth wrote:
> I'm trying to write a script that would create some link between a
> security scanner's XML output and Metasploit's exploit database.
> For this I'd need to be able to search all exploit-related information
> (RPORT and 'References' would be the most important).

Take a look at tools/module_reference.rb in the distribution

> I guess the 'search' command is doing what I need. Could someone
> please point me to some resource about how to use regular expressions
> with this command?

The search command does not dive into references yet, but an example of 
searching name, title, and description:

msf>  search MS0[567] 

> BTW, what mechanism is behind 'db_autopwn'? I think understanding that
> would be of help too.

The code is here:
lib/msf/ui/console/command_dispatcher/db.rb

-p matches by default RPORT
-x matches by CVE/BID/URL/etc

-HD