mirror of
https://github.com/carlospolop/hacktricks
synced 2024-11-15 17:28:13 +00:00
41 lines
1.1 KiB
Markdown
41 lines
1.1 KiB
Markdown
|
# Search Exploits
|
||
|
|
|
||
|
|
### Browser
|
||
|
|
|
||
|
|
Always search in "google" or others: **<service\_name> \[version\] exploit**
|
||
|
|
|
||
|
|
You should also try the **shodan** **exploit search** from [https://exploits.shodan.io/](https://exploits.shodan.io/).
|
||
|
|
|
||
|
|
### Searchsploit
|
||
|
|
|
||
|
|
Useful to search exploits for services in **exploitdb from the console.**
|
||
|
|
|
||
|
|
```bash
|
||
|
|
#Searchsploit tricks
|
||
|
|
searchsploit "linux Kernel" #Example
|
||
|
|
searchsploit apache mod_ssl #Other example
|
||
|
|
searchsploit -m 7618 #Paste the exploit in current directory
|
||
|
|
searchsploit -p 7618[.c] #Show complete path
|
||
|
|
searchsploit -x 7618[.c] #Open vi to inspect the exploit
|
||
|
|
searchsploit --nmap file.xml #Search vulns inside an nmap xml result
|
||
|
|
```
|
||
|
|
|
||
|
|
### MSF-Search
|
||
|
|
|
||
|
|
```bash
|
||
|
|
msf> search platform:windows port:135 target:XP type:exploit
|
||
|
|
```
|
||
|
|
|
||
|
|
### PacketStorm
|
||
|
|
|
||
|
|
If nothing is found, try to search the used technology inside [https://packetstormsecurity.com/](https://packetstormsecurity.com/)
|
||
|
|
|
||
|
|
### Vulners
|
||
|
|
|
||
|
|
You can also search in vulners database: [https://vulners.com/](https://vulners.com/)
|
||
|
|
|
||
|
|
### Sploitus
|
||
|
|
|
||
|
|
This search exploits in other databases: [https://sploitus.com/](https://sploitus.com/)
|
||
|
|
|