Use Exploit-DB at Bactrack is offline weapon of exploit in local database, Bactrack Tools > Exploitation Tools > Open Source Exploitation > Exploit-DB > Exploit-BD Search
To search exploit we can use ./searchploit <name exploit>
For example I want to find out about smb exploit
./searcploit smb
I can found so many exploit for smb, for use it we need to match vulnerability target with nessus, from Nessus article, to Open exploit, we can look extension exploit, if py its mean that file base writen with python and we can use syntax python <name exploit> for rb its mean ruby file, C is base writen on C we need to compile that script exploit, if that pl its mean writen with perl and use perl <name file exploit>
We can open exploit file with command "cat"
I'll try one of that file for example
and result of that is
That exploit is for VLC media player, we can use it if target have same match vulnerability.
No comments:
Post a Comment