Add "search -u" to use a module if there's only one result

[busterb]

This implements a feature request from a few years back, adding a numeric column to module search, as well as a '-u' option that automatically uses the first module that matches, or if the user specifies a number value, the nth module that matches.

Fixes #4336

Example:

msf5 > search -u cve-2013-0422

Matching Modules
================

   #  Name                                      Disclosure Date  Rank       Check  Description
   -  ----                                      ---------------  ----       -----  -----------
   1  exploit/multi/browser/java_jre17_jmxbean  2013-01-10       excellent  No     Java Applet JMX Remote Code Execution

Using exploit/multi/browser/java_jre17_jmxbean
msf5 exploit(multi/browser/java_jre17_jmxbean) > 

Counterexample:

msf5 exploit(multi/browser/java_jre17_jmxbean) > search cve-2013-0422 -u 1

Matching Modules
================

   #  Name                                      Disclosure Date  Rank       Check  Description
   -  ----                                      ---------------  ----       -----  -----------
   1  exploit/multi/browser/java_jre17_jmxbean  2013-01-10       excellent  No     Java Applet JMX Remote Code Execution


Using exploit/multi/browser/java_jre17_jmxbean
msf5 exploit(multi/browser/java_jre17_jmxbean) > search cve-2013-0422 -u 2

Matching Modules
================

   #  Name                                      Disclosure Date  Rank       Check  Description
   -  ----                                      ---------------  ----       -----  -----------
   1  exploit/multi/browser/java_jre17_jmxbean  2013-01-10       excellent  No     Java Applet JMX Remote Code Execution


Module #2 does not exist

[h00die]

Is there a default sorting, if so what is it?
Specifying 'i choose x' (blindly, as this seems to be for scripting) seems rough since modules are always being added. Is another CVE-xxxx-xxxx likely to be added, no, but more open searches like 'wordpress' may change frequently.

Edit (after reading the use case):
It seems like you have pre-knowledge when doing this search. Personally I would always search xyz and look at my options before choosing, and then in that case I would most likely search xyz -u since its quicker than typing the long path or copy/paste. Blindly typing search wordpress -u and thinking it will give you something useful isn't likely to be very successful IMO

[busterb]

I was thinking you'd search foo, see the list of foos, then up-arrow and add -u 4 or whatever made sense. -u basically is 'I'm feeling lucky' or 'I know this should match one thing'

[busterb]

This could be improved with some sort of default sorting, but you're right in that there's no guarantee that '-u N' will continue resolving to a particular module over time, even if there is sorting. What do you think, is this a reasonable implementation, or should I try an entirely different approach?

[h00die]

I don't have a better answer than this. The only other thought that came to mind is somehow caching the search result then doing a search -u 1 or use -s 1 where it would use the cached search results. However, the search is so darn fast now-a-days that it isn't a big deal to perform the search twice.

I can see the tickets now though "i used some tutorial and it said search windows -u 12 and it loaded the wrong module"

[wvu]

If I were using this feature, I'd like to be able to do search -u on a term and use the only module that matches. If there are multiple results, I would like them displayed so I can use a specific one. Just my two cents.

I don't like the use-by-index approach. I agree with @h00die's consideration that tutorials will perpetuate the wrong information.

I would still keep the index column, though.

[wvu]

e577b8f

[wvu]

Release Notes

The -u option is now available in thesearch command in msfconsole. This option will automatically use a module if there is only one search result.

[jmartin-tech]

Marking msf5 since this is not exposed in rpc and would require backport to work on 4.x.