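This is the official Git repository of the well-known exploit site Exploit Database. Exploit Database stores a large number of exploits and helps security researchers and penetration testers carry out security testing.
The repository is updated every day to keep the data complete and current. Kali already ships with it.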

Usage
root@kali:~# searchsploit -h
Usage : searchsploit [OPTIONS] term1 [term2] ... [termN]
Example: searchsploit oracle windows local
=========
OPTIONS
=========
-c - Perform case-sensitive searches; by default,
searches will try to be greedy
-v - By setting verbose output, description lines
are allowed to overflow their columns
-h, --help - Show help screen
NOTES:
- Use any number of search terms you would like (minimum: 1)
- Search terms are not case sensitive, and order is irrelevant
root@kali:~# searchsploit afd windows local
----------------------------------------------------------------|----------------------------------
Description | Path
----------------------------------------------------------------|----------------------------------
MS Windows XP/2003 AFD.sys Privilege Escalation Exploit (K-plug | /windows/local/6757.txt
Microsoft Windows xp AFD.sys Local Kernel DoS Exploit | /windows/dos/17133.c
Windows XP/2003 Afd.sys - Local Privilege Escalation Exploit (M | /windows/local/18176.py
Windows - AfdJoinLeaf Privilege Escalation (MS11-080) | /windows/local/21844.rb
----------------------------------------------------------------|----------------------------------
root@kali:~#
Download: https://github.com/offensive-security/exploit-database
Update script
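#!/bin/bash
# Refresh the local Exploit-DB copy from the archive tarball.
echo "Updating The Exploit-DB"
# Stop if the directory is missing, so nothing is downloaded or extracted elsewhere.
cd /usr/share/exploitdb/ || exit 1
# Only extract if the download succeeded.
wget http://www.exploit-db.com/archive.tar.bz2 || exit 1
tar -xvjf /usr/share/exploitdb/archive.tar.bz2
rm /usr/share/exploitdb/archive.tar.bz2
echo "Exploit-DB Update Finished"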
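Copy the script and save it as dbupdate.sh, then run the update with the following commands:
# chmod +x dbupdate.sh
# ./dbupdate.sh
Once the update has finished, you can use the searchsploit command to search for exploits. The search command is:
./searchsploit keyword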
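What if I want to pull specific information out of the exploit list? With the power of bash, you can easily work with the output of any text file to find useful information. At the command prompt, type:
# cat files.csv | grep "keyword" | cut -d ";" -f 3
This extracts the list of exploits from the file.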
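The files.csv filtering above, carried one step further as an added example (not code from the original post or from the Exploit Database project): it matches every term in any order, case-insensitively, as the searchsploit notes describe. The `id;file;description` column layout and the `;` delimiter are assumptions taken from the `cut` command above, the function names are hypothetical, and the sample rows are constructed from the listing on this page.

```shell
#!/bin/bash
# Added example. Assumed layout of files.csv: id;file;description
DELIM=';'   # assumption: same delimiter as the cut command on the page

# make_sample_index FILE: write a small constructed index for offline use.
make_sample_index() {
    cat > "$1" <<'EOF'
id;file;description
6757;/windows/local/6757.txt;MS Windows XP/2003 AFD.sys Privilege Escalation Exploit
17133;/windows/dos/17133.c;Microsoft Windows xp AFD.sys Local Kernel DoS Exploit
21844;/windows/local/21844.rb;Windows - AfdJoinLeaf Privilege Escalation (MS11-080)
90001;/linux/dos/90001.c;Example Daemon 1.0 - Local DoS (constructed row)
EOF
}

# search_index FILE TERM...: print "description | path" for each row that
# contains ALL terms. Description and path are both searched, because the
# listing on the page matches "local" in the path of 21844.rb.
search_index() {
    local file=$1
    shift
    [ -r "$file" ] || { echo "cannot read $file" >&2; return 2; }
    [ "$#" -ge 1 ] || { echo "need at least one search term" >&2; return 2; }
    # Terms travel through the environment so awk never re-parses them.
    TERMS="$*" awk -F"$DELIM" '
        BEGIN { n = split(tolower(ENVIRON["TERMS"]), t, " ") }
        NR == 1 && $1 == "id" { next }           # skip a header row if present
        {
            hay = tolower($3 " " $2)
            for (i = 1; i <= n; i++)
                if (index(hay, t[i]) == 0) next  # fixed string, not a regex
            printf "%s | %s\n", $3, $2
        }' "$file"
}

# Demo on the constructed index.
demo=$(mktemp) && make_sample_index "$demo"
search_index "$demo" afd windows local
rm -f "$demo"
```

Because matching uses `index()` rather than a regular expression, characters such as `.` or `(` in a term are compared literally.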
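Second: Pompem Exploit Finder
Pompem is an open source tool that brings together the exploits from the major exploit sites and automates searching them.
Because it is developed in Python and has a fairly advanced search, it greatly improves the efficiency of penetration testing teams.
The current version supports searching the following databases: Exploit-db, 1337day, Packetstorm Security…
It integrates Exploit-db, 1337day and Packetstorm Security.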
Pompem is an open source tool, which is designed to automate the search for exploits in major databases.
Developed in Python, has a system of advanced search, thus facilitating the work of pentesters and ethical hackers.
In its current version, performs searches in databases: Exploit-db, 1337day, Packetstorm Security…


GitHub: https://github.com/rfunix/Pompem
Installation
You can download the latest tarball by clicking here or latest zipball by clicking here.
Preferably, you can download pompem by cloning the Git repository:
git clone https://github.com/rfunix/Pompem.git Pompem-dev
Pompem works out of the box with Python version 2.6.x and 2.7.x on any platform.
Pompem lib uses the following setup:
BeautifulSoup
Requests
Usage
To get the list of basic options and information about the project:
python pompem.py -h
Examples of use:
python pompem.py -s WordPress
python pompem.py -s Joomla --html
python pompem.py -s "Internet Explorer,joomla,wordpress" --html
python pompem.py -s FortiGate --txt
python pompem.py -s ssh,ftp,mysql
python pompem.py -s "joomla" -g
python pompem.py --update