Results 1 to 2 of 2

Thread: Tutorial de Navegação Rápido em Exploit-db www.exploit-db.com

Threaded View

  1. #1
    Moderator firebits's Avatar
    Join Date
    Mar 2010
    Location
    Brazil
    Posts
    353

    Lightbulb Tutorial de Navegação Rápido em Exploit-db www.exploit-db.com

    Este é apenas um pequeno comentário sobre de como usar o exploit-db.

    Adicionando um Add-on de Firefox do Exploit-DB:

    Exploit-DB Search Browser Plugin

    Atualizando:

    Pode ser feito, clicando no menu -> Backtrack -> Penetration -> ExploitDB -> Update Exploitdb

    ou manualmente via subversion

    Code:
    svn co svn://devel.offensive-security.com/exploitdb
    Navegando:

    Procurar no script searchsploit faz a busca por exploits muito fácil!

    Code:
    root@bt:/pentest/exploits/exploitdb# ./searchsploit
    Usage: searchsploit [term1] [term2]
    Example: searchsploit apache local
    Use lower case in the search terms; second term is optional
    Looking for ms08-067:

    Code:
    root@bt:/pentest/exploits/exploitdb# ./searchsploit ms08-067
    Description Path
    --------------------------------------------------------------------------- -------------------------
    MS Windows Server Service Code Execution PoC (MS08-067) /windows/dos/6824.txt
    MS Windows Server Service Code Execution Exploit (MS08-067) (Univ) /windows/remote/6841.txt
    MS Windows Server Service Code Execution Exploit (MS08-067) /windows/remote/7104.c
    MS Windows Server Service Code Execution Exploit (MS08-067) (2k/2k3) /windows/remote/7132.py
    Looking for Apache exploits on Windows platform:

    Code:
    root@bt:/pentest/exploits/exploitdb# ./searchsploit apache windows
    Description Path
    --------------------------------------------------------------------------- -------------------------
    Apache HTTP Server 2.x Memory Leak Exploit /windows/dos/9.c
    Apache Mod_Rewrite Off-by-one Remote Overflow Exploit (win32) /windows/remote/3680.sh
    Apache 2.0.58 mod_rewrite Remote Overflow Exploit (win2k3) /windows/remote/3996.c
    mod_jk2 v2.0.2 for Apache 2.0 Remote Buffer Overflow Exploit (win32) /windows/remote/5330.c
    Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit /windows/remote/6089.pl
    Apache mod_jk 1.2.19 Remote Buffer Overflow Exploit (win32) /windows/remote/6100.py
    Apache Tomcat runtime.getRuntime().exec() Privilege Escalation (win) /windows/local/7264.txt

    Looking for Adobe 9.1.2 exploit and copying it to our root directory and renaming it to adobe:

    Code:
    root@bt:/pentest/exploits/exploitdb# ./searchsploit adobe 9.1.2
    Description Path
    --------------------------------------------------------------------------- -------------------------
    Adobe Acrobat 9.1.2 NOS Local Privilege Escalation Exploit /windows/local/9223.txt
    Adobe Acrobat 9.1.2 NOS Local Privilege Escalation Exploit (py) /windows/local/9272.py

    root@bt:/pentest/exploits/exploitdb# cp platforms/windows/local/9272.py /root/adobe.py

    Fonte:http://www.backtrack-linux.org/forum...-tutorial.html


    Traduzido e Adaptado por firebits
    http://www.backtrack-linux.org/forum.../firebits.html
    Last edited by firebits; 04-17-2010 at 03:17 PM.

Similar Threads

  1. Exploit-db quick navigation tutorial
    By Lincoln in forum BackTrack Howtos
    Replies: 2
    Last Post: 03-17-2011, 01:46 PM
  2. Replies: 0
    Last Post: 03-24-2010, 10:01 PM
  3. MSF : My first exploit
    By aemaeth in forum Beginners Forum
    Replies: 5
    Last Post: 03-16-2010, 05:51 PM
  4. Best exploit
    By mister|x in forum OLD Newbie Area
    Replies: 3
    Last Post: 02-27-2010, 06:26 PM
  5. DEP in BT3? exploit
    By phil128 in forum OLD BT3beta General
    Replies: 4
    Last Post: 05-05-2008, 06:36 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •