一,ExploitDB是什么?
ExploitDB 是一个面向全世界黑客的漏洞提交平台,该平台会公布最新漏洞的相关情况,这些可以帮助企业改善公司的安全状况,同时也以帮助安全研究者和渗透测试工程师更好的进行安全测试工作。Exploit-DB 提供一整套庞大的归档体系,其中涵盖了各类公开的攻击事件、漏洞报告、安全文章以及技术教程等资源。
二,在线网址
Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers
三,命令行工具和参数信息
查看帮助信息
searchsploit -h
Usage: searchsploit [options] term1 [term2] ... [termN]
==========
Examples
==========
searchsploit afd windows local
searchsploit -t oracle windows
searchsploit -p 39446
searchsploit linux kernel 3.2 --exclude="(PoC)|/dos/"
searchsploit -s Apache Struts 2.0.0
searchsploit linux reverse password
searchsploit -j 55555 | json_pp
For more examples, see the manual: https://www.exploit-db.com/searchsploit
=========
Options
=========
## Search Terms
-c, --case [Term] Perform a case-sensitive search (Default is inSEnsITiVe)
-e, --exact [Term] Perform an EXACT & order match on exploit title (Default is an AND match on each term) [Implies "-t"]
e.g. "WordPress 4.1" would not be detect "WordPress Core 4.1")
-s, --strict Perform a strict search, so input values must exist, disabling fuzzy search for version range
e.g. "1.1" would not be detected in "1.0 < 1.3")
-t, --title [Term] Search JUST the exploit title (Default is title AND the file's path)
--exclude="term" Remove values from results. By using "|" to separate, you can chain multiple values
e.g. --exclude="term1|term2|term3"
## Output
-j, --json [Term] Show result in JSON format
-o, --overflow [Term] Exploit titles are allowed to overflow their columns
-p, --path [EDB-ID] Show the full path to an exploit (and also copies the path to the clipboard if possible)
-v, --verbose Display more information in output
-w, --www [Term] Show URLs to Exploit-DB.com rather than the local path
--id Display the EDB-ID value rather than local path
--colour Disable colour highlighting in search results
## Non-Searching
-m, --mirror [EDB-ID] Mirror (aka copies) an exploit to the current working directory
-x, --examine [EDB-ID] Examine (aka opens) the exploit using $PAGER
## Non-Searching
-h, --help Show this help screen
-u, --update Check for and install any exploitdb package updates (brew, deb & git)
## Automation
--nmap [file.xml] Checks all results in Nmap's XML output with service version
e.g.: nmap [host] -sV -oX file.xml
=======
Notes
=======
* You can use any number of search terms
* By default, search terms are not case-sensitive, ordering is irrelevant, and will search between version ranges
* Use '-c' if you wish to reduce results by case-sensitive searching
* And/Or '-e' if you wish to filter results by using an exact match
* And/Or '-s' if you wish to look for an exact version match
* Use '-t' to exclude the file's path to filter the search results
* Remove false positives (especially when searching using numbers - i.e. versions)
* When using '--nmap', adding '-v' (verbose), it will search for even more combinations
* When updating or displaying help, search terms will be ignored
-c 区分大小写(默认不区分大小写)
-e 对exploit标题进行EXACT匹配(默认为AND)
-h 显示帮助
-j 以json格式显示结果
-m 把一个exp拷贝到当前工作目录,参数后加id
-o Exploit标题被允许溢出其列
-p 显示漏洞利用的完整路径(如果可能,还将路径复制到剪贴板),后面跟漏洞ID号
-t 仅仅搜索漏洞标题(默认是标题和文件的路径)
-u exploit软件包更新
-w 显示Exploit-DB.com的URL而不是本地路径(在线搜索)
-x, 使用$ PAGER检查(副本)Exp
--colour 搜索结果不高亮显示关键词
--id 显示EDB-ID
--nmap [file.xml] 使用服务版本检查Nmap XML输出中的所有结果(例如:nmap -sV -oX file.xml),使用“-v”(详细)来尝试更多的组合
--exclude="term" 从结果中删除值。通过使用“|”分隔多个值,例如--exclude=“term1 | term2 | term3”。