How To: Easily Find an Exploit in Exploit DB and Get It Compiled All from Your Terminal.

Hello everyone! Hope everyone is having a good day! I wanted to share an easy way to locate an appropriate exploit from the EDB, get it compiled, and run it, all from inside the terminal.

A copy of every exploit listed on the Exploit Database is already saved to our file systems. When a new exploit is published on the database, it will be auto-populated into our files when we update the VM.

Step 1: ./searchsploit

In my example, I have a target that I can see is running Apache 2.0.x, which is no longer maintained; the current versions are Apache 2.4.x and 2.2.x. Navigate to /usr/share/exploitdb and run:

# ./searchsploit apache 2.2

A number of exploits are returned. I narrow the appropriate exploits down based on the type of platform being used and any other applicable factors I learned during the reconnaissance phase.

Step 2: Select Exploit and Copy to Root

My target is running Windows, so I'm going to try exploit 3996.c. I'm going to copy the exploit over to my root directory so it's easier to work with.

cp /usr/share/exploitdb/platform/windows/remote/3996.c /root/3996.c

Step 3: Review File Using Gedit

Navigate to /root and open the exploit in gedit.

gedit 3996.c

Review the exploit for additional information such as usage and requirements.

Step 4: Compile the Exploit

Finally, compile the exploit. In this example, my file is written in C, as indicated by the '.c'. I'm also going to name the compiled exploit 'apache' by using the '-o' switch.

gcc 3996.c -o apache

To run it I enter:

./apache

Step 5: Permissions

I don't think you'll have any issues with permissions in this example, but if for some reason you do, make the file executable by issuing the following command, using the above example.

chmod +x ./apache

Hope you enjoyed!
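
The review in Step 3 can be partly scripted before anything is compiled. The following is an added example, not part of the original article or of exploitdb: a POSIX shell triage that flags lines in a downloaded C file that would act on your own machine or that need a different build environment. The function names, labels and patterns are this example's own assumptions, and the sample file is constructed.

```shell
#!/bin/sh
# Added example: pre-compile triage of a third-party C file (names are this example's own).

# flag LABEL REGEX FILE -> prints "LABEL:lineno:text" for every matching line
flag() {
  grep -nE -- "$2" "$3" | sed "s/^/$1:/" || :
}

# triage_source FILE -> findings on stdout; returns 2 if the file is unreadable
triage_source() {
  [ -r "$1" ] || { echo "ERROR:cannot read $1"; return 2; }
  b='(^|[^[:alnum:]_])'   # left word boundary, portable across grep builds
  # Calls that run commands on the machine executing the compiled binary
  flag LOCAL_EXEC "$b"'(system|popen|exec[lv]p?e?|WinExec|CreateProcess[AW]?)[[:space:]]*\(' "$1"
  # Calls that delete files locally
  flag FILE_DELETE "$b"'(unlink|remove|rmdir|DeleteFile[AW]?)[[:space:]]*\(' "$1"
  # Long hex-escaped byte strings: opaque data you cannot read by eye
  flag OPAQUE_BYTES '(\\x[0-9A-Fa-f]{2}){8,}' "$1"
  # Windows-only headers: a plain Linux gcc build will not find these
  flag WIN_HEADER '#[[:space:]]*include[[:space:]]*<(windows|winsock2?)\.h>' "$1"
  # IPv4 literals inside strings: hardcoded endpoints to check before running
  flag HARDCODED_IP '"[^"]*([0-9]{1,3}\.){3}[0-9]{1,3}' "$1"
  return 0
}

# count_findings LABEL FILE -> number of findings with that label
count_findings() {
  triage_source "$2" | grep -c "^$1:" || :
}

# make_sample PATH -> writes a constructed, harmless C file for the demo
make_sample() {
  cat > "$1" <<'EOF'
/* Constructed sample for the triage demo; harmless, not from Exploit-DB. */
#include <stdio.h>
#include <winsock2.h>
unsigned char blob[] = "\x41\x41\x41\x41\x41\x41\x41\x41\x41\x41";
int main(void) {
    system("echo constructed");
    puts("connecting to 192.0.2.10");
    return 0;
}
EOF
}

demo_dir=$(mktemp -d)
make_sample "$demo_dir/sample.c"
triage_source "$demo_dir/sample.c"
rm -rf "$demo_dir"
```

Point `triage_source` at the copied file (here /root/3996.c) and read every flagged line in the editor before compiling. An empty result only means none of these patterns matched, so the manual read in Step 3 still applies.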

16 Comments

Cheers for this. That is actually awesome

thank you I appreciate it!!

I appreciate the time and effort you've saved me, so let's all bask in our mutual appreciation :)

You're saying that a copy of ALL exploits?? Won't that be too big??

But nice.. didn't know about searchsploit.. thnx !! ;);)

nice article. but just for some constructive criticism: please, next time, make some screenshots. it makes your articles much easier and funnier to read.

-Phoenix750

wow...ok. You guys really do have high expectations lol. I included the screen shots I could but I don't know how much more descriptive I can be. I included the commands, surely I don't need to supply screen shots of the commands? I didn't know I had to be funny too. Phew! Thx for the warning lol

I told you!!! I thought your article was great and I have no complaints. This isn't a picture book. If you're smart surely you don't need screen shots for every little thing. Comment was ridiculous.

I'm a big girl, I can take it. ;) Thx though. I appreciate the support.

The article was good as-is IMHO. You could have written it in Binary and it was fine.

Same here, great article :)

and no, It's not your job to make anyone laugh. So aggravating. It doesn't take long of being on here before it's obvious who's the know-it-all. As if you were writing the article to please him. grrrrrr

Where do I get searchsploit? Is it part of Kali?

Navigate to usr/share/exploitdb

See if it's there!!

super helpful article! thx for contrib

Once I compiled the exploit, how can I use it? I have a https target, I try so many scanner, still cannot show any details about it, any suggestions?
