The exploitDB is a wonderful place where you can find a massive amount of exploits, shellcodes and papers.
Here you can browse, read and download exploits for a whole range of systems.
I would recommend checking the verified tick box but it’s your call. You might have to tinker with a few things if not but if you know about the system and language well, you could probably figure it out.
If you didn’t want to trail through the website and you prefer to search within a terminal, you can use a tool called Searchsploit. What this does is allow you to search the ExploitDB offline. This can make life easier as you can search for exploits in the same terminal. It could also help when infiltrating networks which don’t have internet access.
If you are running Kali, you will already have this installed. If you are running Parrot, you will have to do the following:
apt update && apt -y install exploitdb
Optional: apt -y install exploitdb-bin-sploits exploitdb-papers
If you want to use git:
sudo git clone https://github.com/offensive-security/exploitdb.git /opt/exploitdb
sed ‘s|path_array+=(.*)|path_array+=(“/opt/exploitdb”)|g’ /opt/exploitdb/.searchsploit_rc > ~/.searchsploit_rc
sudo ln -sf /opt/exploitdb/searchsploit /usr/local/bin/searchsploit
Once you have it installed, you simply run searchsploit [Key word]
For more information on Searchsploit, the manual can be found here:
Leave a Reply