Hello guys,
In hacking we usually look for exploits to own the target, and today I'm going to show you how to look for exploits in BackTrack, right inside your terminal!
What many of us don't know is that there are more than 15,000 exploits inside your BackTrack, written in Perl, Ruby, Python and more. Today we'll learn how to search those exploits easily, and faster than Googling!
When I use Linux, I like to use the terminal for almost everything, and now we will use it for exploit searching ;)
Let's start.
First of all, open your terminal and type this command:
cd /pentest/exploits/exploitdb
This folder contains the searchsploit script, which we will use to find the exploits on our PC. Here is how to use it:
./searchsploit term1 term2 term3
By "term" I mean something that describes the exploit you're looking for, something that narrows down the search results to only the things you want.
For example, if we want a DoS exploit for Java on Windows, our command should look like this:
./searchsploit windows java dos
The .csv file in this folder contains all the names and paths of the exploits, and searchsploit searches it to find the right exploit for you.
Easy, right?
Now you can change the terms and find the exploit you want.
OK, so we get the exploit description and a path...
The exploitdb folder has two files and one directory. Now we know what the two files do (searchsploit and the .csv file), so it's the directory's turn now :P
That directory contains all of the exploits, stored under the paths that the search shows, so just go in and use the path to get the one you want.
Let me show you an example.
We used the command:
./searchsploit windows java dos
and got some paths. Here is how to get the exploits:
add "platforms" to the beginning of the path. For example,
we got:
/windows/dos/11670.py
To read it, use:
cat platforms/windows/dos/11670.py
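To see why every term narrows the results and why "platforms" has to be put back in front of the path, here is a small shell sketch of that kind of lookup. It is an added example, not searchsploit's own code: the three-column index layout, the sample rows (apart from the 11670.py path used above) and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added illustration, not searchsploit's own code.
# Assumed index layout: id,path,description. Rows are constructed samples.
sample_index() {
cat <<'EOF'
11670,platforms/windows/dos/11670.py,Constructed sample - Java component DoS on Windows
20001,platforms/linux/remote/20001.rb,Constructed sample - FTP daemon issue on Linux
20002,platforms/windows/remote/20002.pl,Constructed sample - Java applet issue on Windows
20003,platforms/multiple/dos/20003.txt,Constructed sample - Java parser DoS
EOF
}

# search_index term...: keep only rows containing EVERY term (case-insensitive),
# then print "description | path" with the leading "platforms" stripped.
search_index() {
    rows=$(sample_index)
    for term in "$@"; do
        # -F: the term is a fixed string, so regex characters cannot widen the match
        rows=$(printf '%s\n' "$rows" | grep -iF -- "$term") || return 1
    done
    printf '%s\n' "$rows" |
        awk -F, '{ sub(/^platforms/, "", $2); print $3 " | " $2 }'
}

# local_path shown_path: rebuild the path relative to the exploitdb folder,
# refusing anything that would climb out of platforms/.
local_path() {
    case "$1" in
        *..*) return 1 ;;
        /*)   printf 'platforms%s\n' "$1" ;;
        *)    printf 'platforms/%s\n' "$1" ;;
    esac
}

# Demo: three terms leave one row; its path maps back under platforms/.
search_index windows java dos
local_path /windows/dos/11670.py
```

Searching for "java" alone returns three of the sample rows; adding "windows" and "dos" cuts that down to one, which is the narrowing effect described above.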
That's it you guys =)
Have fun, and happy pentesting!