Results 1 to 3 of 3

Thread: Exploit-db quick navigation tutorial

Threaded View

  1. #1
    Join Date
    Jan 2010
    The new forums

    Default Exploit-db quick navigation tutorial

    This is just a little writeup on using exploit-db.

    Adding Exploit-DB to browser:

    Exploit-DB Search Browser Plugin


    This can be done either in the menu -> Backtrack -> Penetration -> ExploitDB -> Update Exploitdb

    or by
    svn co svn://

    The searchsploit script makes finding exploits very easy!

    root@bt:/pentest/exploits/exploitdb# ./searchsploit
    Usage: searchsploit [term1] [term2]
    Example: searchsploit apache local
    Use lower case in the search terms; second term is optional
    Looking for ms08-067:

    root@bt:/pentest/exploits/exploitdb# ./searchsploit ms08-067
     Description                                                                 Path
    --------------------------------------------------------------------------- -------------------------
    MS Windows Server Service Code Execution PoC (MS08-067)                     /windows/dos/6824.txt
    MS Windows Server Service Code Execution Exploit (MS08-067) (Univ)          /windows/remote/6841.txt
    MS Windows Server Service Code Execution Exploit (MS08-067)                 /windows/remote/7104.c
    MS Windows Server Service Code Execution Exploit (MS08-067) (2k/2k3)        /windows/remote/
    Looking for Apache exploits on Windows platform:

    root@bt:/pentest/exploits/exploitdb# ./searchsploit apache windows
     Description                                                                 Path
    --------------------------------------------------------------------------- -------------------------
    Apache HTTP Server 2.x Memory Leak Exploit                                  /windows/dos/9.c
    Apache Mod_Rewrite Off-by-one Remote Overflow Exploit (win32)               /windows/remote/
    Apache 2.0.58 mod_rewrite Remote Overflow Exploit (win2k3)                  /windows/remote/3996.c
    mod_jk2 v2.0.2 for Apache 2.0 Remote Buffer Overflow Exploit (win32)        /windows/remote/5330.c
    Bea Weblogic Apache Connector Code Exec / Denial of Service Exploit         /windows/remote/
    Apache mod_jk 1.2.19 Remote Buffer Overflow Exploit (win32)                 /windows/remote/
    Apache Tomcat  runtime.getRuntime().exec() Privilege Escalation (win)       /windows/local/7264.txt
    Looking for Adobe 9.1.2 exploit and copying it to our root directory and renaming it to adobe:

    root@bt:/pentest/exploits/exploitdb# ./searchsploit adobe 9.1.2
     Description                                                                 Path
    --------------------------------------------------------------------------- -------------------------
    Adobe Acrobat 9.1.2 NOS Local Privilege Escalation Exploit                  /windows/local/9223.txt
    Adobe Acrobat 9.1.2 NOS Local Privilege Escalation Exploit (py)             /windows/local/
    root@bt:/pentest/exploits/exploitdb# cp platforms/windows/local/ /root/
    Last edited by Lincoln; 03-19-2010 at 01:21 AM.

Similar Threads

  1. B4$ final using metasploit 3.3.4-dev to exploit IE6
    By bostonlink in forum BackTrack Videos
    Replies: 0
    Last Post: 01-24-2010, 06:14 AM
  2. Replies: 6
    Last Post: 01-23-2010, 01:07 AM
  3. Replies: 1
    Last Post: 01-21-2010, 07:46 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts