Searchsploit Nedir?

ExploitDB deki exploitleri bize terminalden sunar ve aynı zamanda exploitler hakkında da detaylı bilgiye ulaşmamızı sağlar.

Kurulum

1. sudo git clone https://github.com/offensive-security/exploitdb.git /opt/exploitdb

2. sed ‘s|path_array+=(.*)|path_array+=(“/opt/exploitdb”)|g’ /opt/exploitdb/.searchsploit_rc > ~/.searchsploit_rc

3. sudo ln -sf /opt/exploitdb/searchsploit /usr/local/bin/searchsploit

Searchsploit Kullanımı

-h Parametresi

Bu parametre ile searchsploitin diğer parametreleri ve ne işe yaradıkları hakkında bilgi alıyoruz.

ruger@sigint:~$ searchsploit -h
  Usage: searchsploit [options] term1 [term2] ... [termN]

==========
 Examples 
==========
  searchsploit afd windows local
  searchsploit -t oracle windows
  searchsploit -p 39446
  searchsploit linux kernel 3.2 --exclude="(PoC)|/dos/"
  searchsploit linux reverse password

  For more examples, see the manual: https://www.exploit-db.com/searchsploit

=========
 Options 
=========
   -c, --case     [Term]      Perform a case-sensitive search (Default is inSEnsITiVe).
   -e, --exact    [Term]      Perform an EXACT match on exploit title (Default is AND) [Implies "-t"].
   -h, --help                 Show this help screen.
   -j, --json     [Term]      Show result in JSON format.
   -m, --mirror   [EDB-ID]    Mirror (aka copies) an exploit to the current working directory.
   -o, --overflow [Term]      Exploit titles are allowed to overflow their columns.
   -p, --path     [EDB-ID]    Show the full path to an exploit (and also copies the path to the clipboard if possible).
   -t, --title    [Term]      Search JUST the exploit title (Default is title AND the file's path).
   -u, --update               Check for and install any exploitdb package updates (deb or git).
   -w, --www      [Term]      Show URLs to Exploit-DB.com rather than the local path.
   -x, --examine  [EDB-ID]    Examine (aka opens) the exploit using $PAGER.
       --colour               Disable colour highlighting in search results.
       --id                   Display the EDB-ID value rather than local path.
       --nmap     [file.xml]  Checks all results in Nmap's XML output with service version (e.g.: nmap -sV -oX file.xml).
                                Use "-v" (verbose) to try even more combinations
       --exclude="term"       Remove values from results. By using "|" to separate, you can chain multiple values.
                                e.g. --exclude="term1|term2|term3".

=======
 Notes 
=======
 * You can use any number of search terms.
 * Search terms are not case-sensitive (by default), and ordering is irrelevant.
   * Use '-c' if you wish to reduce results by case-sensitive searching.
   * And/Or '-e' if you wish to filter results by using an exact match.
 * Use '-t' to exclude the file's path to filter the search results.
   * Remove false positives (especially when searching using numbers - i.e. versions).
 * When updating or displaying help, search terms will be ignored.

ruger@sigint:~$

En Basit Kullanım

Sadece exploitin adını yazmamız yeterli.İlk sütun exploit başlığı , ikinci sütun ise exploitin bilgisayarımızdaki konumu.