SearchSploit: a Searchable Database of Exploits
All major operating systems.
What is SearchSploit?
The SearchSploit utility helps you find exploits for enumerated software and services. It’s part of the Metasploit Framework.
How does it work?
A local copy of the Exploit Database (EDB) exists in Kali Linux. (This database is also available for other systems.) The SearchSploit utility searches through this database in order to find exploits for the various software and services discovered during the enumeration phase of your penetration test. The utility also enables you to examine an exploit, and create a copy that you can alter for use on a specific host.
To use SearchSploit, simply type searchsploit on the command line, followed by the necessary arguments. Examples:
searchsploit ms08-067
searchsploit --id smb2
searchsploit --color vsftpd
At a minimum, SearchSploit expects one or more search terms corresponding to the names and versions of software or services. To learn the various command-line arguments available in SearchSploit, simply run searchsploit with no arguments.
By default, SearchSploit shows the relative path to each of the exploits returned in your search query. Exploits can be found in the
The following are the most commonly used command-line arguments and their descriptions:
-x [EDB-ID]: Examine Exploit
searchsploit -x 41891
Using the less system utility, the -x command-line argument lets you view the source code of the specified exploit ID, so you can explore the exploit without having to create a local copy. This is especially handy for inspecting exploit code before you choose to use it.
-m [EDB-ID]: Mirror Exploit
searchsploit -m 41891
This creates a copy of the exploit referred to by the provided EDB-ID, saving it to the current working directory. This enables you to customize the exploit to suit your purposes, without messing up the original exploit code.
--id: Show EDB IDs
searchsploit --id ms17-010
Instead of showing the relative path to the exploit on-disk, --id shows the EDB ID of the exploit. This ID number can be used in place of search terms when examining or copying discovered exploits.
--color: Remove Color From Results
searchsploit --color vsftpd
By default, found search terms are highlighted in red in the returned search results. Using the --color command-line argument suppresses the use of color, thus providing results that are easier to parse programmatically.
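To illustrate the point about programmatic parsing, the following added example (not part of the original page or of SearchSploit itself) turns the table printed by searchsploit --id --color into tab-separated "EDB-ID, title" rows for a findings tracker. The function names, the sample product names and IDs, and the assumed two-column table layout are constructed for illustration.

```shell
#!/bin/sh
# Added example. Typical use (flags as described on this page):
#   searchsploit --id --color vsftpd | parse_results > findings.tsv

# Constructed sample of the results table. The layout (title and EDB-ID
# columns split by "|", dashed rules, header row) is an assumption.
sample_output() {
cat <<'EOF'
------------------------------------------------ ---------
 Exploit Title                                  |  EDB-ID
------------------------------------------------ ---------
ExampleFTPd 1.2.3 - Denial of Service           | 10001
ExampleFTPd 1.2.x - Remote Code Execution | PoC | 10002
------------------------------------------------ ---------
Shellcodes: No Results
EOF
}

# parse_results: read table text on stdin, print "EDB-ID<TAB>title" rows.
parse_results() {
  esc=$(printf '\033')
  # Strip ANSI colour sequences first, so the parser still works when
  # the output was captured without --color.
  sed "s/${esc}\[[0-9;]*[A-Za-z]//g" |
  awk '
    {
      # Split on the LAST "|" so titles that contain "|" stay intact.
      cut = 0
      for (i = length($0); i > 0; i--)
        if (substr($0, i, 1) == "|") { cut = i; break }
      if (!cut) next                      # rules, footers, blank lines
      title = substr($0, 1, cut - 1)
      id    = substr($0, cut + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", title)
      gsub(/^[ \t]+|[ \t]+$/, "", id)
      # Keep only rows whose last column is a numeric EDB-ID;
      # this also drops the header row.
      if (id ~ /^[0-9]+$/) printf "%s\t%s\n", id, title
    }'
}
```

Each ID in the first column can then be passed to -x or -m as described above.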