http://pen-test.jpn.org/pentest:exploit:exploitarchive
http://www.pakbugs.com/programs-scripts/23575-creating-exploit-databases-penetrate.html
1. http://www.remote-exploit.org/ [For backtrack + milworm and securityfocus exploits update script]
2. hackingdefined.com [For exploits CVS]
3. packetstormsecurity.org [For exploits database]
4. http://anyside.org/ [For exploits database]
5. http://secwatch.org/ [For exploits database]
6. http://www.brandonhutchinson.com/ [For packetstormsecurity exploits update script]
7. http://www.securityforest.com/ [For exploits database and securityforest exploits update script]
8. http://www.gnu.org/software/wget/ [For Wget]
更新履歴
-
2006/06/16 初版
-
Author kikuzou
-
概要
-
Milw0rm, SecurityFocusで公開されているExploitをCVSで管理する。
-
この管理方法は、ペネトレーションテスト用1CD linux「 BackTrack」で使用されている。
-
Exploitがプラットホーム,アプリケーション等でカテゴライズされているため、非常に探しやすい。
インストール環境
-
CentOS 4.3
前提条件
-
CVSクライアントがインストールされていること
参考URL
インストール手順
インストール
-
Exploit保存ディレクトリを作成し、アップデート用シェルスクリプトを作成する。
-
CVSでcheckoutする先は Hacking Defined である。(BackTrack作成に参加している)
# mkdir /pentest # mkdir /pentest/exploits # mkdir /pentest/exploits/bin # # cd /pentest/exploits # # vi update-milw0rm
update-milw0rm
#!/bin/bash
echo "Milw0rm Exploit CVS Update script"
CVSROOT=:pserver:anonymous@www.hackingdefined.com:/root;export CVSROOT
echo "Logging in - Press Enter when prompted"
cvs login
echo "Updating Exploits"
cvs update milw0rm
echo "Generating Local Database, please Wait"
cp bin/makeindex-milw0rm milw0rm/
cd milw0rm
./makeindex-milw0rm
# vi update-secfocus
update-secfocus
#!/bin/bash
echo "Milw0rm Exploit CVS Update script"
CVSROOT=:pserver:anonymous@www.hackingdefined.com:/root;export CVSROOT
echo "Logging in - Press Enter when prompted"
cvs login
echo "Updating Exploits"
cvs update secfocus
cp bin/makeindex-secfocus secfocus/
echo "Generating Local Database, please Wait"
cd secfocus
./makeindex-secfocus
# vi bin/makeindex-milw0rm
makeindex-milw0rm
#!/bin/bash rm -rf sploitlist.txt find . -xtype f |grep -v makeindex-milw0rm |grep -v "/CVS/" > allfiles.txt for file in $(cat allfiles.txt);do echo $file $(head -n 1 $file | cut -d " " -f 2-30) >> sploitlist.txt done rm -rf allfiles.txt
# vi bin/makeindex-secfocus
makeindex-secfocus
#!/bin/bash rm -rf sploitlist.txt find . -type d |cut -d "/" -f2 | sort -n | uniq > dirlisttmp.txt tail -n +3 dirlisttmp.txt > dirlist.txt for dir in $(cat dirlist.txt) do cd $dir echo $dir $(cat bid*.txt 2>/dev/null) >> ../sploitlist.txt cd .. done rm -rf dirlist*
# chmod +x update-* bin/makeindex-* # # CVSROOT=:pserver:anonymous@www.hackingdefined.com:/root;export CVSROOT # cvs login Logging in to :pserver:anonymous@www.hackingdefined.com:2401/root CVS password: # cvs checkout milw0rm # cvs checkout secfocus
-
上記手順を完了すると、以下ディレクトリに Milw0rm, SecurityFocus のExploitが保存される。
-
/pentest/ exploits/milw0rm
-
/pentest/ exploits/secfocus
-
-
内容の説明については省略する。
Exploitアーカイブのアップデート
-
アップデート用シェルスクリプトを実行する。
Milw0rm
# cd /pentest/exploits # ./update-milw0rm Milw0rm Exploit CVS Update script Logging in - Press Enter when prompted Logging in to :pserver:anonymous@www.hackingdefined.com:2401/root CVS password: [Enterキー] Updating Exploits ~ 省略 ~ Generating Local Database, please Wait #
SecurityFocus
# cd /pentest/exploits # ./update-secfocus Milw0rm Exploit CVS Update script Logging in - Press Enter when prompted Logging in to :pserver:anonymous@www.hackingdefined.com:2401/root CVS password: [Enterキー] Updating Exploits ~ 省略 ~ Generating Local Database, please Wait #
Exploitのリスト
-
保存されている Milw0rm, SecurityFocus の Exploit一覧については、以下ファイルを参照。
-
Milw0rm
-
/pentest/ exploits/milw0rm/sploitlist.txt
-
-
SecurityFocus
-
/pentest/ exploits/secfocus/sploitlist.txt
-
-
/pentest/exploits/milw0rm/sploitlist.txt の一部
./rport/1000/1210.pm WebAdmin <= 2.0.4 USER Buffer Overflow Exploit ./rport/10000/1147.pm Veritas Backup Exec Remote File Access Exploit (windows) ./rport/10000/705.pl Webmin BruteForce and Command Execution Exploit ./rport/10000/745.cgi Webmin Web Brute Force v1.5 (cgi-version) ./rport/10000/746.pl Webmin BruteForce + Command Execution v1.5 ./rport/10203/859.c CA License Server (GETCONFIG) Remote Buffer Overflow Exploit (c) ./rport/105/1375.pl Mercury Mail Transport System 4.01b Remote Exploit (PH SERVER) ./rport/1089/953.c Yager <= 5.24 Remote Buffer Overflow Exploit ./rport/110/1565.pl RevilloC MailServer 1.21 (USER) Remote Buffer Overflow Exploit PoC ./rport/110/638.py SLMail 5.5 POP3 PASS Buffer Overflow Exploit
/pentest/exploits/secfocus/sploitlist.txt の一部
8 SunView selection_svc Vulnerability 86 Multiple Vendor dip Buffer Overflow Vulnerability 113 Multiple Vendor FTPD realpath Vulnerability 115 Allaire ColdFusion Remote File Display, Deletion, Upload and Execution Vulnerability 116 DHTML Edit ActiveX Control File Stealing and Cross Frame Access Vulnerability 121 Multiple Vendor Linux Mountd Vulnerability 122 Multiple Vendor ToolTalk RPC Service Overflow Vulnerability 127 Multiple Vendor Statd Buffer Overflow Vulnerability 130 imapd Buffer Overflow Vulnerability 133 Qualcomm POP Server Buffer Overflow Vulnerability