exploitdb 介绍

利用数据库检索存档。

eexploitdb 主页
exploitdb repo 仓库
SearchSploit 指南

作者: Kali Linux
许可:GPL v2

包含在exploitdb里的工具

sea​​rchsploit - 利用数据库来搜索归档的实用程序
:~# searchsploit -h
Usage: searchsploit [options] term1 [term2] ... [termN]
Example: searchsploit oracle windows local

========
Options:
========

   -c            Perform case-sensitive searches; by default, searches will
                 try to be greedy
   -h, --help    Show help screen
   -v            By setting verbose output, description lines are allowed to
                 overflow their columns

*NOTES*
Use any number of search terms you would like (minimum of one).
Search terms are not case sensitive, and order is irrelevant.

exploitdb用法示例

利用windows搜索远程oracle:

:~# searchsploit oracle windows remote
 Description                                               Path
--------------------------------------------------------- ----------------------
XDB FTP Service UNLOCK Buffer Overflow Exploit            | /windows/remote/80.c
9.2.0.1 Universal XDB HTTP Pass Overflow Exploit          | /windows/remote/1365.pm
9i/10g ACTIVATE_SUBSCRIPTION SQL Injection Exploit        | /windows/remote/3364.pl
WebLogic IIS connector JSESSIONID Remote Overflow Exploit | /windows/remote/8336.pl
Secure Backup Server 10.3.0.1.0 Auth Bypass/RCI Exploit   | /windows/remote/9652.sh